[Atlas-anchors-pilot] iDRAC cards are potential DDoS amplifiers
Nick Hilliard
nick at inex.ie
Tue Apr 9 17:37:54 CEST 2013
On 09/04/2013 16:33, john wrote:
> I have now disabled IPv6 on all anchor idrac interfaces :(.
right. that explains:
> Notification Type: PROBLEM
> Host: ripe-atlas-drac-v6
> State: DOWN
> Address: 2001:7f8:18:140::4
> Info: PING CRITICAL - Packet loss = 100%
>
> Date/Time: Tue Apr 9 16:27:12 IST 2013
I was going to squeak about it, but no need now.
> As to the general question of filtering. We originally requested that
> all interfaces be positioned in your network with no filtering on either
> the idrac or the service lan. However this is a pilot and given the
> issues with the idrac's ability to filter, may need to change
If only iDRAC was built on linux or some other similar system with good
quality kernel firewalling. Oh wait!
Nick
More information about the Atlas-anchors-pilot
mailing list