Security/Encryption of Remote Console connection

Michael McCallum · ‎06-10-2008

I am looking for information on the network traffic formats used for the Integrated Remote Console in ILO2.

I can see the default port is 23 (from Administration --> Services), but can't find any information about traffic over this connection.

I am assuming that while the initial web interface authentication credentials are encrypted via SSL over port 443, the remote console session credentials sent over port 23 will not be encrypted, nor will the data stream. Thus the connection should be resilient to replay attacks but vulnerable to session hijacking and information disclosure.

I would (very much!) appreciate links to official HP documentation on this subject.

Blazhev_1 · ‎06-14-2008

Hi Michael,

here is an advanced document explaining all ilo Security design aspects :

http://h20000.www2.hp.com/bc/docs/support/SupportManual/c00212796/c00212796.pdf

port 23 is telnet, which is unsecure protocol(not only for ilo).

Cheers

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Security/Encryption of Remote Console connection

Security/Encryption of Remote Console connection

Re: Security/Encryption of Remote Console connection