This allows me to run a script once a minute that ensures everything but http and ssh is Using /conf/crontab, as dlawson pointed out, sounds like an excellent idea to me. There are /conf/shadow and /conf/webshadow files, with mysterious 'test' IDs in them, which doesn't make me feel particularly comfortable either. The default is ADMIN / ADMIN, but none of the files in /conf or /etc have 'ADMIN' in them, which rather worries me. I'd also be interested in how I might verify the list of names and passwords that can be used to access the system through all of the various services. Does anybody who has used one of these have some specific suggestions on how to secure the thing? It boots from what is essentially a ROM filesystem, and there don't even seem to be any hooks to turn off any of the various servers it runs. However, I do want the IPMI functionality. Unfortunately, it's running a boatload of software, much of which I don't need, and I don't have the ability to put it behind a firewall. It turns out to be a small Linux system running on an ARM processor. I've recently acquired a SuperMicro X8DTU-F motherboard, which has a built-in BMC, which basically runs the IPMI system.
0 kommentar(er)
