# Seems like UrPad was hit by the IPMI Vuln.



## MartinD (Jun 24, 2014)

Things don't look to good for them at the moment - hopefully they recover quickly!


----------



## trewq (Jun 24, 2014)

Wow, that's bad luck. Hopefully all their backups restore properly.

On a side note, why did they have IPMI on a public facing network? I understand it may have been their decision but when you have 8 nodes wouldn't the provider be a bit flexible with the request?


----------



## Cloudrck (Jun 24, 2014)

trewq said:


> Wow, that's bad luck. Hopefully all their backups restore properly.


I wouldn't say it was bad luck, they had a forward facing out of band management interface. I don't understand why any would do that, but even so this is after several security researchers noted of numerous security issues. There is no reason to have an interface that doesn't really receive updates connected to the internet. Especially one that can completely nuke a server.


----------



## trewq (Jun 24, 2014)

Cloudrck said:


> I wouldn't say it was bad luck, they had a forward facing out of band management interface. I don't understand why any would do that, but even so this is after several security researchers noted of numerous security issues. There is no reason to have an interface that doesn't really receive updates connected to the internet. Especially one that can completely nuke a server.


I covered that in my second paragraph.


----------



## drmike (Jun 24, 2014)

Thanks for posting this @MartinD, someone sent it to me and I was busy 

Text of it for others to find/read...



> Dear,
> 
> 
> 
> ...


----------



## Hxxx (Jun 24, 2014)

same DC as semoweb? or coincidence? or one own the other? partner companies?


----------



## Steven (Jun 25, 2014)

Same parent company - Root Level Tech


----------



## wlanboy (Jun 29, 2014)

Not all servers were hit.

My vps was not part of this desaster - at least.


----------



## BrianHarrison (Jun 29, 2014)

Anyone know what brand/vendor/version of IPMI they were running?


----------



## drmike (Jun 30, 2014)

Supposedly Supermicro and the latest version.


----------



## Enterprisevpssolutions (Jun 30, 2014)

That sucks considering that the bug has been around for a while just now making news. Why would anyone use a ipmi device on a public interface makes no sense.


----------

