Jul 2, 2015 at 6:32 pm
I think you definitely want this stuff as far away from the regular
LAN, let alone the Internet, as possible.
: I've used those for devices that were fairly dumb, but for servers it can be nicely cheaper to use serial-over-ipmi plus conman for that purpose. It's necessary to log and monitor the serial consoles, there are a variety of OOPses and BUGs and whatnot that only appear there. I've been using 'conman' for this purpose. I totally agree with you about having a separate admin-only network. It's not that expensive to build one up using dumb switches. -- greg
: +1 for this. We typically put all management ports for a 'system/project' on a sep. non-routed eth. segment to which only the, for the 'system/project', designated management servers can connect. It is probably a good idea to consider random ethernet connected 'things' as soft security wise and not suitable for the big bad internet... As for bios/firmware on servers the best one can do is to use non-deprecated hardware from responsible vendors and keep up to date with their sec. info and update
[CentOS] CentOS-announce Digest, Vol 125, Issue 11
[CentOS] why no recent bind update for CentOS 6?
[CentOS] Multiple network cards - routing issue?
[CentOS] Automated Reply from Gary Rixon <email@example.com>
[CentOS] Fedora change that will probably affect RHEL
[CentOS] C6.6 Gnome panel problem
[CentOS] Stickers for people in the EU
[CentOS] how to determine what's installed from a repository?
[CentOS] wicd problem 0: i have started having problems wicd and network connections
4 of 5
Jul 2, '15 at 10:11a
Jul 6, '15 at 8:28a
5 users in discussion
Greg Lindahl (1)
Paul Heinlein (1)
Chris Murphy (1)
Chris Olson (1)
Peter Kjellström (1)
Groups & Organizations
site design / logo © 2022 Grokbase