Hey folks - first, thanks for a tremendous tool and all the effort put into
this over the years (the documentation is really stellar as well, something
that is both rare and apparently under-appreciated in open source.) I've a
couple of questions that I hope are suited this venue; if not please forgive
me, and if you could suggest a better forum I'd appreciate it.
I'm doing a bit of research on IPMI and BMC security (more like IPMI++, since
I'm doing work with some of the various offshoots; iDRAC, iLO, etc.) Currently
I'm pulling various bits of data from the IPMI interface - ideally I'd like to
*remotely* get as much as possible about the configuration and state of the BMC
and IPMI configuration, and I plan to use your tool along with nmap, SMASH/CLP
(don't laugh too much, at least its modestly cross platform ;)), and some duct
tape and bailing wire to gather data. Think of it more as a snapshot or audit
effort rather than any sort of continuous monitoring.
Q-1) I'm familiar with the nagios and other folks who are all about gathering
BMC sensor data… but I can't find a general IPMI data sucker (e.g. get all the
stuff that ipmitool will get me in one fell swoop, even though under the hood
it might be doing lots of queries) anywhere; has anyone written such a thing?
(It'd have to be non-commercial, or at least free to distribute.)
[meta note: the README file in the contrib subdirectory has a broken url:
http://people.ee.ethz.ch/~oetiker/webtools/rrdtool/ - seems as though the user
moved on. As such one can't see any sample output to the scripts or what they
really collect without perusing the source or hunting around. In particular
the file "oem_ibm_sel_map" is pretty opaque and not referenced by anything but
the makefile in the contrib… is this used anywhere except in comments (and if
so, a one-liner somewhere explaining would be great)? :) ]
Q-2) In the absence of someone else having something I can steal, my current
thought would be to simply toss all the various ipmitool gathering options
(e.g. fru, sel, pef, etc.) in a file, exec them all, and stash the resultsin
something like JSON for safekeeping and post-processing. So again… has anyone
done anything like this? Assuming that what I'm looking is all that data, even
if you think I'm foolish wanting it, is that a reasonable way to collect it?
It'd be great to have any tricks or tips. (Size of output is not an issue.
Heck, I'd snarf up BMC flash storage and RAM as well, if I could find a
reasonable way of doing so remotely!) I'd be happy to share pre-distributed
versions if anyone is burning with curiosity, has a use for such a thing, or
would be willing to discuss various ways to build a better mousetrap.
Q-3) Finally - I'm writing up a bit of an analysis on IPMI/BMC/++ security; if
there is a person or two here who are interested in such things I would love a
real IPMI expert to give feedback (I'm not an IPMI expert by any stretch of the
imagination, though I might have some unusual thoughts on IPMI security); I'll
just say as a warning I'll be asking for no one to redistribute it prior to my
putting it out, which will hopefully be in about 30-60 days or so.
Thanks again (mac support in particular is greatly appreciated as well.)
dan
p.s. Also - if anyone has any thoughts or scripts or tools or anything on how
to remotely identify systems running IPMI I've yet another simple tool to start
doing this (obviously if they answer to an RMCP ping that's a win, but I'm
talking about on a larger network scale where firewalls and network
topologies), and would welcome any conversations on that also.
p.p.s. For context some of my earlier work may be found at
http://fish2.com/security
^..^
------------------------------------------------------------------------------
The Windows 8 Center - In partnership with Sourceforge
Your idea - your app - 30 days.
Get started!
http://windows8center.sourceforge.net/
what-html-developers-need-to-know-about-coding-windows-8-metro-style-apps/
_______________________________________________
Ipmitool-devel mailing list
Ipmitool-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipmitool-devel
