Another week, another exploit - this time in Intel's management engine

Rob Seastrom rs at seastrom.com
Sun May 7 07:47:57 CDT 2017


Your firewall should block everything incoming by default. 

People who put the management port of servers directly on the internet (don't laugh, people do that!) get exactly what they deserve. 

-r

Sent from my iPad

> On May 6, 2017, at 21:13, Nan and Sandy Sanders <radiodog77 at pobox.com> wrote:
> 
> If I understand it,if my firewall blocks ports 16992 and 16993 I am good against outside attack but not from a compromised machine on my internal network.
>     Sandy
>    wb5mmb
> 
> 
> At 05:04 PM 5/6/2017, Rob Seastrom wrote:
> 
>> Affected systems are pretty much all server class machines and *some* consumer machines.
>> 
>> <https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/>https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/
>> 
>> 
>> Exploit details here...
>> 
>> 
>> <https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf>https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf
>> 
>> 
>> Sent from my iPad
>> _______________________________________________ Tacos mailing list Tacos at amrad.org https://lists.amrad.org/mailman/listinfo/tacos



More information about the Tacos mailing list