Comment A permanent workaround (Score 1) 102
I found what appears to be a good permanent workaround from a Christian Hertel in the comment section of http://threatpost.com/plaintex...:
Another Hotfix in case there is no newer IPMI firmware release to upgrade to (so no way to fix the issue otherwise):
Login via SSH, then issue the following commands:
shell sh
iptables -I INPUT -p tcp --dport 49152 -j DROP
iptables-save >
I've tested it on my affected servers and have verified it works and survives a reboot of IPMI. However, I'm wondering if there's a reason I might regret blocking access to port 49152 for some reason.
Thanks for the workaround, Mr. Hertel!
