Server Remote Control iLO Boards Found on Shodan

I’ve been spending way too much time with Shodan (the computer search engine) lately. But what really bothers me is, every time I put time into searching for new things, I find them. And many times what I find boggles the mind.

Recently I found several search terms that bring up built-in server remote control iLO boards.

Integrated Lights Out, or iLO, boards are installed on many servers. They are remote support solutions that allow an administrator to log into the computer and manage it from afar. Most allow complete control of the server, including remote keyboard and mouse, the ability to power cycle the system, and the ability to mount and access additional media remotely.

So far, I have found eight unique search strings on Shodan (like this) that reveal iLO boards for Dell, HP, Fujitsu and Sun servers.

When I was a server team guy for a large corporation, we regularly used these to completely set up and configure heavy duty servers that were located in different states. The local IT techs would unbox the server and plug it into a network jack. We would then log in to the iLO and install the Operating System, web apps, or whatever else was needed, remotely, without ever physically touching the box.

We also used them for troubleshooting. If a remote server had locked up and was not responding at all, we would log in remotely to the iLO board and be able to service the system. Again, without ever physically touching the system.

The fact that iLO boards can be found online is rather concerning. Granted, many are there purposefully (so they can be remotely managed!) and are protected by a strong password. But several appeared to be using the default password.

If your company uses iLO boards on your servers, check them and make sure you are not using the default passwords! Change iLO passwords to long complex strings that you would use on any important system that is publicly available online. Disable or remove iLO boards (check your documentation) if they are not needed.

A little security can go a long way in protecting your servers from online threats.

~ by D. Dieterle on June 13, 2013.
