[Beowulf] Hacked MBs It was only a matter of time

Ellis H. Wilson III ellis at ellisv3.com
Thu Oct 4 08:40:26 PDT 2018

On 10/04/2018 11:17 AM, Jeff Johnson wrote:
> I respectfully disagree. The BMCs in modern server designs are plumbed 
> to every onboard network interface on the motherboard. So it’s not just 
> a matter of the “dedicated management port”. The chip would have access 
> to every onboard LAN. If any network was routable to the outside it 
> would be potentially be able to engage in its designed activities >
> While many HPC environments are walled gardens this chip scandal would 
> impact “HPC in the cloud” activities.
> Just my $.02 worth

Fair points Jeff -- a colleague of mine actually just raised that point 
before I saw your email.  It seems some, but not most, of the servers we 
were looking at have such an interconnected BMC.

This design choice does not appear (at least at first glance) to be 
associated with age of the system.  It's an unfortunate situation either 
way.  One would really like your BMC to be isolated as much as humanly 

I do find it funny though in the article that the main actors are stuck 
in a deny-loop.  My cynicism meter is high today.



Ellis H. Wilson III, Ph.D.

More information about the Beowulf mailing list