Dobrica Pavlinušić's random unstructured stuff
Dell RAC: Revision 12
DellRemoteAccessController5Security.Pdf
DellRemoteAccessController4Security.Pdf I will try to collect useful protocol information about Dell's (actually ""<>) RAC protocol My main goal is to use Dell RAC from Linux, without all troubles described in my blog post Proprietary ports
Supported SSL Cipher SuitesDRAC 5 supports SSL version 3 and TLS version 1.0. The following are ciphers supported on DRAC 5:
IPMI RMCP+ EncryptionDRAC 5 IPMI over LAN and SOL use RMCP+ for Authentication and Key exchange. For details on the RMCP+ protocol, see the IPMI 2.0 specification. DRAC 5 IPMI supports the following encryption algorithms:
Console Redirection SecurityAuthentication and EncryptionDRAC 5 can continuously redirect the managed system's video, keyboard and mouse (KVM) to the management station. It is a very powerful feature, is very easy to use, and does not require any software installation on the managed system. A user can access this feature to remotely manage the system as if they were sitting in front of the system. A security authentication and encryption protocol has been implemented in console redirection to prevent a hostile, rogue client from breaking into the console redirect path without authenticating though the web server. 128-bit SSL encryption secures the keyboard keystrokes during the remote console redirection and therefore does not allow unauthorized "snooping" of the network traffic. The following sequence of security protocol operations is performed during the establishment of a console redirection session:
Video redirectionroot@klin:~# ssldump -r /tmp/rac_t1.pcap New TCP connection #1: klin.local(52028) <-> 10.60.0.102(5900) 1 1 0.0148 (0.0148) C>S Handshake ClientHello Version 3.0 cipher suites SSL_RSA_WITH_RC4_128_MD5 SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_DES_CBC_SHA compression methods NULL 1 2 0.0165 (0.0016) S>C Handshake ServerHello Version 3.0 session_id[0]= cipherSuite SSL_RSA_WITH_RC4_128_MD5 compressionMethod NULL |