Hi,
I often see in forums (not just IPFire) that the hardware features of servers are mentioned.
I wonder if this would help hackers. Fantasizing, I tried to put myself in the mind of a hacker and and came up with 2 different scenarios…
Scenario 1:
If a hacker knows the hardware of a server well, he knows how to hit it, because automatically he is aware of all the possible flaws. If not, the hacker, must first know the weaknesses in the machine’s hardware, and this could raise the security level.
Scenario 2:
Knowledge of a server’s hardware, does not make it any easier for a hacker. the hacker can use a “software complex” to perform a series of automated attacks (similar to brute force attacks to find passwords), in order to identify weaknesses in the machine’s hardware. And at this point, the hacker knows how to breach that server.
Which of the 2 scenarios, might be closer to reality?
Features like
Supermicro impi
Intel AMT
Dell has some sort of remote utility that was a security hole a few years ago.
So I’m sure knowing the hardware.
Is definitely a weakness.
I think possibly both cases, since there is more than one “hacker” profile. The one you don’t know has entered (guru) and the one who doesn’t have much idea and enters a china shop like an elephant.
Against the first, you can do little and the second, because that’s what security solutions are for.
Therefore, do not be surprised that both scenarios can occur.