Hey folks - first, thanks for a tremendous tool and all the effort put into 
this over the years (the documentation is really stellar as well, something 
that is both rare and apparently under-appreciated in open source.)  I've a 
couple of questions that I hope are suited this venue; if not please forgive 
me, and if you could suggest a better forum I'd appreciate it.

I'm doing a bit of research on IPMI and BMC security (more like IPMI++, since 
I'm doing work with some of the various offshoots; iDRAC, iLO, etc.)  Currently 
I'm pulling various bits of data from the IPMI interface - ideally I'd like to 
*remotely* get as much as possible about the configuration and state of the BMC 
and IPMI configuration, and I plan to use your tool along with nmap, SMASH/CLP 
(don't laugh too much, at least its modestly cross platform ;)), and some duct 
tape and bailing wire to gather data.  Think of it more as a snapshot or audit 
effort rather than any sort of continuous monitoring.

Q-1) I'm familiar with the nagios and other folks who are all about gathering 
BMC sensor data… but I can't find a general IPMI data sucker  (e.g. get all the 
stuff that ipmitool will get me in one fell swoop, even though under the hood 
it might be doing lots of queries) anywhere; has anyone written such a thing?  
(It'd have to be non-commercial, or at least free to distribute.)

[meta note: the README file in the contrib subdirectory has a broken url: 
http://people.ee.ethz.ch/~oetiker/webtools/rrdtool/ - seems as though the user 
moved on.  As such one can't see any sample output to the scripts or what they 
really collect without perusing the source or hunting around.   In particular 
the file "oem_ibm_sel_map" is pretty opaque and not referenced by anything but 
the makefile in the contrib… is this used anywhere except in comments (and if 
so, a one-liner somewhere explaining would be great)? :) ]


Q-2) In the absence of someone else having something I can steal, my current 
thought would be to simply toss all the various ipmitool gathering options 
(e.g. fru, sel, pef, etc.) in a file, exec them all, and stash the resultsin 
something like JSON for safekeeping and post-processing.  So again… has anyone 
done anything like this?  Assuming that what I'm looking is all that data, even 
if you think I'm foolish wanting it, is that a reasonable way to collect it?  
It'd be great to have any tricks or tips.   (Size of output is not an issue.  
Heck, I'd snarf up BMC flash storage and RAM as well, if I could find a 
reasonable way of doing so remotely!)  I'd be happy to share pre-distributed 
versions if anyone is burning with curiosity, has a use for such a thing, or 
would be willing to discuss various ways to build a better mousetrap.

Q-3) Finally - I'm writing up a bit of an analysis on IPMI/BMC/++ security; if 
there is a person or two here who are interested in such things I would love a 
real IPMI expert to give feedback (I'm not an IPMI expert by any stretch of the 
imagination, though I might have some unusual thoughts on IPMI security); I'll 
just say as a warning I'll be asking for no one to redistribute it prior to my 
putting it out, which will hopefully be in about 30-60 days or so.

Thanks again (mac support in particular is greatly appreciated as well.)

dan

p.s.  Also - if anyone has any thoughts or scripts or tools or anything on how 
to remotely identify systems running IPMI I've yet another simple tool to start 
doing this (obviously if they answer to an RMCP ping that's a win, but I'm 
talking about on a larger network scale where firewalls and network 
topologies), and would welcome any conversations on that also.

p.p.s. For context some of my earlier work may be found at 
http://fish2.com/security

^..^

------------------------------------------------------------------------------
The Windows 8 Center - In partnership with Sourceforge
Your idea - your app - 30 days.
Get started!
http://windows8center.sourceforge.net/
what-html-developers-need-to-know-about-coding-windows-8-metro-style-apps/
_______________________________________________
Ipmitool-devel mailing list
Ipmitool-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipmitool-devel

Reply via email to