[Atlas-anchors-pilot] iDRAC cards are potential DDoS amplifiers
Tore Anderson
tore.anderson at redpill-linpro.com
Mon Apr 1 15:08:06 CEST 2013
* Nick Hilliard
> our atlas idrac config is firewalled off and only the RIPE NCC address
> range has access. Just checked it out for community public and it doesn't
> answer.
As per Romeo Zwart's setup guidelines, we have located our anchor
outside of any firewalls or similar devices, and provide only "pure"
unfiltered internet access.
There is a mention in the guidelines of which IP ranges need to be
allowed to the iDRAC port, quote, "If applicable (e.g., when behind a
firewall or router ACL)", though. I wouldn't have any problems adding an
ACL on the port, but considering that the NCC's recommended setup is to
not have it, I'm happy to oblige - after all, setting it up is just more
work for me.
--
Tore Anderson
Redpill Linpro AS - http://www.redpill-linpro.com/