![]() For example you can use the HPQLOCFG utility, the HPONCFG utility or the HPE Powershell cmdlets. There are a few options for passing this script to a server. The RIBCL scripting functionality is a way to change settings through an upload of an XML file to the iLO. It seems that the only method to change this setting programatically is through a RIBCL script. If you have a lot of servers you probably want to automate/script this. Change the IPMI/DCMI over LAN Access to "Disabled".In the iLO web interface go to Administration -> Access Settings. ![]() You have a few options for disabling the IPMI setting: iLO Web GUI: If you have verified that you don't need the functionality HPE recommends to disable it. If you need the functionality you should try to mitigate potential risks by isolating the iLO network, use strong passwords that are changed regularly etc. Note that iLO versions 2, 3 and 4 have the IPMI over LAN access enabled by default whereas iLO version 5 has disabled this by default. This is not a new vulnerability and since this is a part of the specification of the protocol there is no fix for it besides disabling it or accepting it. The IPMI protocol can present a security vulnerability where the authentication process for IPMI requires a server to send a hash of a user password to the client before authentication. This article will describe how you can disable the IPMI over LAN access on HPE iLO.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |