Remote Lights-Out Mgmt (iLO 2, iLO, RILOE II) Forum
cancel
Showing results for 
Search instead for 
Did you mean: 

Security/Encryption of Remote Console connection

Highlighted
Michael McCallu
Acclaimed Contributor

Security/Encryption of Remote Console connection

I am looking for information on the network traffic formats used for the Integrated Remote Console in ILO2.

I can see the default port is 23 (from Administration --> Services), but can't find any information about traffic over this connection.

I am assuming that while the initial web interface authentication credentials are encrypted via SSL over port 443, the remote console session credentials sent over port 23 will not be encrypted, nor will the data stream. Thus the connection should be resilient to replay attacks but vulnerable to session hijacking and information disclosure.

I would (very much!) appreciate links to official HP documentation on this subject.
1 REPLY
Blazhev_1
Regular Collector

Re: Security/Encryption of Remote Console connection

Hi Michael,

here is an advanced document explaining all ilo Security design aspects :

http://h20000.www2.hp.com/bc/docs/support/SupportManual/c00212796/c00212796.pdf

port 23 is telnet, which is unsecure protocol(not only for ilo).

Cheers
//Add this to "OnDomLoad" event