[11:47 CEST] We are encountering a power outage in Frankfurt data center (FRA-10). This power outage...
Disabling KVM ILO for servers labeled DD
In late April, there were numerous facts of hacking servers in the data center. Attackers got root access to servers and used them for various purposes - miners, zombies for DDOS attacks, etc. Later it was figured the vulnerable is because of permanently available ip-kvm access. It was through vulnerabilities in ILO software that grants access to an operating systems at the end.
Unfortunately, this is not the first time a critical vulnerabilities found in the ILO software. In this case, the software is not open and free, like linux, and, accordingly, the user community can not quickly fix the problem.
Guided by these considerations, the datacenter Myloc AG disabled all the online ip-kvm. Within a month, a new access system was being developed, which is now being tested.
For now working with ip-kvm looks like this:
- the user has a previously issued username and password for ip-kvm;
- the user, if necessary, requests activation of ip-kvm in technical support;
- the data center issues temporary IPv4 for a period of 1 to 72 hours;
- the user uses the received IP and his login / password to access ip-kvm;
if necessary, the user can request the disconnection of ip-kvm before the end of the IP lease period.
At the moment there is no fee for turning on / off ip-kvm, and the number of connection requests is unlimited.
We apologize for any inconvenience, but, unfortunately, this is a compulsory measure.