Forgot your password?
typodupeerror

Comment: Re:What moron puts IPMI public facing? (Score 2) 102

by XanC (#47283631) Attached to: Supermicro Fails At IPMI, Leaks Admin Passwords

I was asking about this on the OVH forums just the other day, in fact:

Our IPMI are actually configured on a private network separated from Dedicated Servers network using a private VLAN for all the IPMI traffic fully secured via our network equipement.

There is two way you can access the IPMI connection:

1- Over a Java applet which generate and send you a .jnlp file valid for this session only. (This method let you use keyboard and mouse)

2- Over a webrowser via Serial over LAN that use a temporarly generated user valid for this session only.

https://forum.ovh.us/showthrea...

Comment: Re:Versions (Score 1) 217

by XanC (#47176997) Attached to: New OpenSSL Man-in-the-Middle Flaw Affects All Clients

That's not necessarily true. People may have "panic upgraded" who were using a supported and up-to-date (and not vulnerable) 0.9.8. People may have "panic upgraded" by building and installing the latest OpenSSL, not knowing that their distribution had pushed out a patched version of the version they had been running. Now, their OpenSSL might be totally outside of package management, and they could really be in trouble for this one, unless they're paying a lot of attention (which they aren't, or they wouldn't have screwed up in the first place).

Of course you can't flap your arms and fly to the moon. After a while you'd run out of air to push against.

Working...