Vulnerability scanning HP iLo's and On Board administrators

Kevin Spencer
Last Modified: 2017-04-22
Hey Guys,

This is a question/best practices advice...
We have several dedicated subnets for Onboard Administrator/iLO cards in HP C7000 enclosures. These are older cards and enclosures, so there is not an upgrade path to the latest firmware without replacing hardware, and we are stuck with TLS 1.0. These subnets are being scanned with every scheduled scan that is taking place, so you would expect the results to be the same scan after scan. However, this is not the case (the security group is using Qualys, and I am not sure how the scan itself is configured): one scan will detect the presence of TLS 1.0 and all the related vulnerabilities, the next scan may or may not see TLS/SSL present at all on the same device, then the next scan will detect the TLS finding again. This flip-flopping looks like the vulnerabilities on these devices are repeatedly being closed and reopened when we know that their state is not changing.
The Onboard Administrator card is the interface for all the iLOs in the chassis. Working out what the scanner is doing with its default configuration, each individual IP is being hit with 1,700 TCP and 800 UDP probes; times that by 16 iLO IPs and one OA IP, and that's a lot of traffic for a low-powered device that is not designed to have that amount of traffic sent to it.
So the question is, what are the best practices for scanning these types of devices? I am presuming having a separate group configured in the scanner that sends a smaller amount of traffic than the default would produce more consistent and accurate results?
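One way to separate a finding that was really closed from a scan that simply did not see the TLS service, as the flip-flopping described above suggests. This is an added example, not part of the original question; the record layout, field names and host addresses are constructed assumptions, not a Qualys export format.

```python
from collections import defaultdict

# Constructed sample: one row per (scan, host). "tls_seen" is whether the scan
# detected any TLS/SSL service; "tls10" is whether the TLS 1.0 finding was raised.
# Field names and addresses are assumptions, not a Qualys export format.
SCANS = [
    {"scan": 1, "host": "192.0.2.10", "tls_seen": True,  "tls10": True},
    {"scan": 2, "host": "192.0.2.10", "tls_seen": False, "tls10": False},
    {"scan": 3, "host": "192.0.2.10", "tls_seen": True,  "tls10": True},
    {"scan": 4, "host": "192.0.2.10", "tls_seen": False, "tls10": False},
    {"scan": 1, "host": "192.0.2.11", "tls_seen": True,  "tls10": True},
    {"scan": 2, "host": "192.0.2.11", "tls_seen": True,  "tls10": True},
    {"scan": 3, "host": "192.0.2.11", "tls_seen": True,  "tls10": False},
    {"scan": 4, "host": "192.0.2.11", "tls_seen": True,  "tls10": False},
]


def classify(rows):
    """Label each host's TLS 1.0 finding history.

    A scan that saw no TLS service at all says nothing about the finding, so it
    is treated as "not assessed" and dropped instead of being counted as a close.
    """
    by_host = defaultdict(list)
    for row in sorted(rows, key=lambda r: (r["host"], r["scan"])):
        by_host[row["host"]].append(row)

    report = {}
    for host, history in by_host.items():
        raw = [r["tls10"] for r in history]
        assessed = [r["tls10"] for r in history if r["tls_seen"]]
        raw_flips = sum(a != b for a, b in zip(raw, raw[1:]))
        real_flips = sum(a != b for a, b in zip(assessed, assessed[1:]))
        if not assessed:
            state = "never assessed"
        elif real_flips == 0 and raw_flips > 0:
            state = "scan artifact"  # every close lines up with a missed service
        elif real_flips == 0:
            state = "stable"
        else:
            state = "changed"        # the finding moved while TLS was visible
        report[host] = {"state": state, "raw_flips": raw_flips,
                        "real_flips": real_flips,
                        "missed_scans": len(raw) - len(assessed)}
    return report


if __name__ == "__main__":
    for host, result in classify(SCANS).items():
        print(host, result)
```
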
btan, Exec Consultant
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Advice given
