Firmware / Re: network card to reduce attack surface?
« on: April 14, 2022, 12:59:33 pm »
It might be enough (from the BMC serial port) to say "ifconfig eth0 down", which I've done.
I'm not enough of an expert in the firmware's network stack to feel confident that's all I need.

Firmware / Re: network card to reduce attack surface?
« on: April 14, 2022, 11:55:29 am »
Thanks for the quick response!

I should have clarified in my question that I'm running TalosII and definitely can ssh to the BMC through the main ports. I don't have a Blackbird, so I can't say what is possible there, but if I'm looking at the correct schematic off Raptor's site, it would seem to have the same issue.

It is the bmcweb process I see running on the BMC that particularly prompted me to be nervous, but I haven't investigated that in detail. A potential pre-auth ssh vulnerability is enough to make me want the air-gap anyway.

Firmware / network card to reduce attack surface?
« on: April 13, 2022, 11:43:07 am »
I have updated the BMC firmware in the past [see 2021-03-21 post], but as time passes I'm uncomfortable with the attack surface exposed by the BMC listening on the motherboard network ports. My current solution is to unplug from those and instead add a network card on the PCI bus. I still have serial connections for BMC and POWER for doing system administration.

Is there a simpler way to achieve this? Perhaps a BMC configuration trick that disables NC-SI?

Firmware / experience updating TalosII firmware
« on: March 21, 2021, 03:36:35 pm »
There are some comments in the Forum that newcomers to updating
the firmware based only on instructions scattered through the wiki find
it a lot to handle solo. I'm a newbie as well but had success, so thought
I'd share my experience:

My motivation was installing OpenBSD, but it may help others too.

