Hardware Servers Hack Via IPMI
Recently a number of data centers have been facing up to various attacks/hacks of their hardware servers. The main aim of the hackers is to obtain root access with administrator’s rights.
Theoretically, the data centers must secure the provided hardware against given attacks, but in practice – only a few of them do.
On experiencing this, we immediately took the responsibility for protecting the servers via IPMI to suppress all the further hacker illegal attempts.
Though, we’d like to warn all the market players against IPMI hacking that is widespread nowadays.
To hunt and detect the hacker is almost impossible for their making use of various proxy servers.
A recommendation by one of data centers Authorities:
“Related with the cases of servers hacking via IPMI (further reboot and user creating with administrative rights to the OS), and for the security of your server, it’s highly recommended to change/update IPMI passwords for security reasons regularly, do not store passwords in your mailbox and/or browsers,as well as make sure you have an updated firmware versions.
Please update IPMI Firmware to the latest version (there is a link to the IPMI firmware on the website of your motherboard’s manufacturer) and change your password (using not less than 15 characters, including numbers, as well as small and capital letters).”
We’d like to add – please do never send login/passwords via social apps and systems of communication! Only a single blunder will turn you into hackers’ target. Further complaints and blames on your software and/or hardware providers will not compensate your losses.