[Atlas-anchors-pilot] iDRAC cards are potential DDoS amplifiers
Richard Barnes
rbarnes at bbn.com
Mon Apr 1 17:37:03 CEST 2013
Our experience has been the same as Nick's. Not in the sense that there is a firewall between the Atlas device and the Internet. Rather, in the sense that the iDRAC just doesn't respond to things that don't come from the NCC.
--Richard
On Apr 1, 2013, at 9:08 AM, Tore Anderson <tore.anderson at redpill-linpro.com> wrote:
> * Nick Hilliard
>
>> our atlas idrac config is firewalled off and only the RIPE NCC address
>> range has access. Just checked it out for community public and it doesn't
>> answer.
>
> As per Romeo Zwart's setup guidelines, we have located our anchor
> outside of any firewalls or similar devices, and provide only "pure"
> unfiltered internet access.
>
> There is a mention in the guidelines of which IP ranges need to be
> allowed to the iDRAC port, quote, "If applicable (e.g., when behind a
> firewall or router ACL)", though. I wouldn't have any problems adding an
> ACL on the port, but considering that the NCC's recommended setup is to
> not have it, I'm happy to oblige - after all, setting it up is just more
> work for me.
>
> --
> Tore Anderson
> Redpill Linpro AS - http://www.redpill-linpro.com/