On 05/09/2017 03:49 AM, Greg Freemyer wrote: trimmed stuff
Lots of servers in datacenters have a IPv4 routable IP and no external firewall. I have 2 of those, but neither has Intel AMT. If they did I'd have to talk to the hosting company about how to shutdown those ports.
Or put another simple firewall upstream. Or de-provision the AMT But yes, I've always had linux as my firewall and router on the assumption that I could control it better than some flimsy and never-updated gateway router. Now some kind of small gateway router is looking better and better. Preferably something that can show you a list of connections. That's really the only way you can find any hardware embedded outbound connections AND prevent these hardware open-port back doors. My current firewall computer is too old to have this flaw. But thousands of vulnerable machines were found on the internet is a brief scan according to the articles. -- After all is said and done, more is said than done. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org