Re: [cryptography] [Cryptography] What is Intel(R) Core™ vPro™ Technology Animation

coderman coderman@gmail.com
Mon Sep 23 13:22:06 PDT 2013


On Sun, Sep 22, 2013 at 9:21 PM, Jeffrey Walton <noloader@gmail.com> wrote:
> ...
> Painting with a broad brush, part of the solution is a remote
> administration board that can''t be removed. Cf, Fujitsu LOM (Lights
> Out Management), HP ILO (Integrated Lights Out) HP RILO (Remote
> Integrated Lights Out), Compaq RIB (Remote Insight Board), and Dell
> DRAC (Dell Remote Access Card).
>
> As for who has access, that depends on the quality of the
> implementations.
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4784.


as an attacker, these are my favorite systems, second only to
continuous integration servers. remote access subsystems are hard to
upgrade, poorly maintained, and provide exceptional access to hosts
and systems. (and in fact, abusing a DRAC to get to the CI to then get
keys to the kingdom, is a standard approach once you've got a pivot in
network)

i cannot count the number of times i've seen insecure configurations
deployed, either self signed certs, common passwords, insecure ACLs,
or all of the above.

i can count the number of times i've seen a properly configured RA
system with legit PKI and password management: ZERO!


the traditional enterprise network is a soft gooey core with a fig
leaf perimeter defense.  sad realities...



More information about the cypherpunks mailing list