
Sure, I've always segregated BMC dedicated ports to a non-connected network. But the BMC can also talk on the regular ethernet ports whenever it feels like it.



It can usually only vampire onto the first ethernet port. Depends on the motherboard, whether both ports are e.g. Intel, or one Intel, the other something else. Also, usually only 1000base-T not 10G.


I'm sure even 10baseT is more than enough to phone home.


The 1000base-T ports are often not connected to the production network, only the 10G.


[flagged]


The IPMI module can do DMA. It would be trivial to shim into the running kernel and talk to any interface the host has.


But that means the implant has to be active on every server, actively patching the kernel (and how long would that patch work with kernel changes?). It would cause bugs, and be likely to be discovered. Maybe an option on a specific machine that you knew was being used by the target.



