Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
simonassens
Beginner
Beginner

iLO interface configuration

0 Likes
2 Replies
JayGuillette
Apprised Contributor Apprised Contributor
Apprised Contributor

These documents can be difficult to find on RSA Link because the word iLOM is used instead of iLO, but if you search for iLOM or RMM4 or BMC, you will find 

000030824 - How to configure remote BMC - RMM4 management for the Authentication Manager 8.1 SecurID Intel hardware Appliance 250 

which outlines what to do in BIOS to enable the iLO port, and has 2 iLO PDFs attached at the bottom.

 

There is a reported vulnerability on this port on the Intel Appliances, CVE-2013-4784 which could allow remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. A fix has been provided by Intel for this, which has been vetted thorugh EMC, but the initial RSA testing ran into problems, so we are waiting on an update to address this. The RSA Jira tracking bug is AM-29766 - Intel AM Appliance shows Cipher Suite 0 vulnerability on iLO, BMC, RMM4 remote management port.

 

We will attempt to provide as much assistance to you as possible in this area.

0 Likes

0 Likes