On 10/04/2018 11:17 AM, Jeff Johnson wrote:
> I respectfully disagree. The BMCs in modern server designs are plumbed
> to every onboard network interface on the motherboard. So it’s not just
> a matter of the “dedicated management port”. The chip would have access
> to every onboard LAN. If any network was routable to the outside it
> would potentially be able to engage in its designed activities.
>
> While many HPC environments are walled gardens this chip scandal would
> impact “HPC in the cloud” activities.
>
> Just my $.02 worth

Fair points Jeff -- a colleague of mine actually just raised that point
before I saw your email. It seems some, but not most, of the servers we
were looking at have such an interconnected BMC.
This design choice does not appear (at least at first glance) to be
associated with the age of the system. It's an unfortunate situation either
way. One would really like your BMC to be isolated as much as humanly
possible.
I do find it funny though in the article that the main actors are stuck
in a deny-loop. My cynicism meter is high today.
Best,
ellis
--
Ellis H. Wilson III, Ph.D.
www.ellisv3.com
_______________________________________________
Beowulf mailing list, Beowulf@beowulf.org sponsored by Penguin Computing
To change your subscription (digest mode or unsubscribe) visit
http://www.beowulf.org/mailman/listinfo/beowulf