Controlling HP Moonshot with ipmitool

I've been driving the HP Moonshot environment over the network with ipmitool, and found it not altogether straightforward. One of the HP engineers told me:
Yeah, we had to jump through some hoops to extend IPMI’s single-system view of the world into our multi-node architecture.
That is exactly why it's confusing. Everything here works reasonably well, but users have to jump through all of the hoops that the product engineers lined up for us.

Compatibility
The build of ipmitool that ships with OS X (2.5b1) doesn't support the Moonshot's double-bridged topology, so I'm using the one that ships with macports (1.8.12). To check whether your version of ipmitool is compatible, run ipmitool -h and look to see whether it supports both the single-bridge (-b, -t) and double-bridge (-B, -T) command line options. If it does, then it's probably okay.

Bridging
Using IPMI over the network with a regular rack server is pretty straightforward. You specify the device by name or IP, the user credentials and the command/query you want to run. That's about it. Such a command might look like this:

 ipmitool —H <IPMI_IP> -U <user> —P <password> —I lanplus chassis identify force

The command above Continue reading

Malware used in White House and State Department hacks possibly linked to Russia

The group of attackers behind cyberintrusions at the White House and the Department of State last year used malware that bears strong similarities to cyberespionage tools suspected to be of Russian origin.Security researchers from Kaspersky Lab have dubbed the cyberespionage group CozyDuke and said that it has blatantly targeted high-profile victims since the second half of last year. Its toolset includes malware droppers, information-stealing programs and backdoors that have antivirus evasion capabilities and make use of cryptography, the researchers said Tuesday a blog post.To read this article in full or to leave a comment, please click here

Qualys devises a virtual patch to protect against vulnerabilities

If you can’t wait for that critical patch to secure your system from some just-discovered bug, IT security firm Qualys may have an answer, through new security software that can secure the trouble spot until the patch arrives.The feature, called virtual patching, comes with the newly released version 2 of the company’s Web Application Firewall, a set of software for securing Web applications against malicious behavior.Virtual patching can address one of the most thorny problems in enterprise IT security, that of protecting against a recently discovered software flaw. Sometimes attackers can start misusing a software bug as soon as it is discovered —- this is called a zero day flaw.To read this article in full or to leave a comment, please click here

SSL certificate flaw allows hackers to crash devices running iOS 8

A flaw in iOS 8 would allow attackers to render devices running the mobile OS useless if they’re within range of a fake wireless hotspot, according to researchers from security firm Skycure.The vulnerability exploits an issue in how iOS 8 handles SSL certificates. By manipulating the certificates, researchers found they were able to get apps running on iPads, iPhone and iPods as well as the OS to crash. In other instances, the researchers placed the devices in a constant reboot cycle.Yair Amit and Adi Sharabani, Skycure’s CTO and CEO, respectively, discussed the flaw, called “No iOS Zone,” Tuesday during a session at the RSA conference and talked about their findings in a blog post on Wednesday.To read this article in full or to leave a comment, please click here

Senate leader introduces bill to extend Patriot Act surveillance

The majority leader of the U.S. Senate has introduced a bill that would extend the surveillance provisions of the Patriot Act until 2020, instead of expiring on June 1.The bill, introduced by Senator Mitch McConnell Tuesday night, would extend section 215 of the Patriot Act, the controversial part of the law that the U.S. National Security Agency has used to collect U.S. telephone records in bulk. Many digital and civil rights groups have protested the NSA phone records collection program, saying it violates the Fourth Amendment of the U.S. Constitution protecting the country’s residents against unreasonable searches and seizures.To read this article in full or to leave a comment, please click here

The VPLS & MPLS IP VPN Buyers Field Guide

VPLS & MPLS IP VPN Procurement step by step – every IT Managers key area documented.

Author information

Sponsored Blog Posts

The Packet Pushers work with our vendors to present a limited number of sponsored blog posts to our community. This is one. If you're a vendor and think you have some blog content you'd like to sponsor, contact us via [email protected].

The post The VPLS & MPLS IP VPN Buyers Field Guide appeared first on Packet Pushers Podcast and was written by Sponsored Blog Posts.

EMC Syncplicity lets enterprises manage their own encryption keys

Some enterprises that are happy to put their data in a public cloud prefer to keep the keys to that data under their own control. That’s the message online file sync and sharing services are sending lately.On Wednesday, EMC’s Syncplicity division announced Customer Managed Keys, a feature that lets enterprises store the encryption keys for their Syncplicity shared data on a rights management server on their own premises. It’s a new option in addition to having the keys stored in Syncplicity’s cloud.The announcement came just a couple of months after rival Box released its own private key-management feature into beta testing. That system, called EKM (Enterprise Key Management), may become generally available on Wednesday at the Box Dev conference in San Francisco. EKM likewise was added as an alternative to keeping keys in the vendor’s cloud.To read this article in full or to leave a comment, please click here

EMC Syncplicity lets enterprises manage their own encryption keys

Some enterprises that are happy to put their data in a public cloud prefer to keep the keys to that data under their own control. That’s the message online file sync and sharing services are sending lately.On Wednesday, EMC’s Syncplicity division announced Customer Managed Keys, a feature that lets enterprises store the encryption keys for their Syncplicity shared data on a rights management server on their own premises. It’s a new option in addition to having the keys stored in Syncplicity’s cloud.The announcement came just a couple of months after rival Box released its own private key-management feature into beta testing. That system, called EKM (Enterprise Key Management), may become generally available on Wednesday at the Box Dev conference in San Francisco. EKM likewise was added as an alternative to keeping keys in the vendor’s cloud.To read this article in full or to leave a comment, please click here

9 tips for speeding up your business Wi-Fi

The days are long past when a fast office Wi-Fi connection was a nice-to-have. These days it's essential for your business to provide clients and employees alike with a speedy, reliable wireless network.6. Disable lower data rates and standardsTo read this article in full or to leave a comment, please click here(Insider Story)

The state of mobile payments in 2015

Mobile payments in 2015Image by ShutterstockApple, Starbucks and Disney are all strong brands with loyal followings, but they also have something else in common: They're early leaders in the ever-evolving mobile payments market.Some analysts predict 2015 will be the first year all the pieces — including a larger base of NFC-enabled devices and terminals, and growing consumer acceptance — come together to take mobile currency mainstream. A number of additional companies are also entering the world of mobile payments, such as American Express, which you might expect to see, and Jawbone, which might seem surprising.To read this article in full or to leave a comment, please click here

Crypto gurus: The government’s key escrow plan won’t work

Cryptography experts at the RSA security conference on Tuesday picked holes in U.S. plans to require that law enforcers be given a way to break encryption to exercise lawful intercept rights.U.S. government officials have been increasingly hostile over the past year to the widespread use of encryption on mobile phones and online communications, arguing that a way needs to be found to provide law enforcement and intelligence agencies with lawful interception capabilities.In response, security experts warned that building “back doors” into cryptographic systems in order to provide governments with access to data would be dangerous because it would create vulnerabilities that could later be exploited by hackers too.To read this article in full or to leave a comment, please click here

1 3,562 3,563 3,564 3,565 3,566 3,877