[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Dell iDRAC6

To: phil <jabea@xxxxxxxxx>
Subject: Re: [Full-disclosure] Dell iDRAC6
From: Jeffrey Walton <noloader@xxxxxxxxx>
Date: Thu, 7 Jul 2011 21:59:32 -0400

On Thu, Jul 7, 2011 at 9:27 PM, phil <jabea@xxxxxxxxx> wrote:
> Is it only me, but the iDRAC6 from Dell is kinda insecure. The default
> username and password is always root / calvin. (I configured a lot of Dell
> server from like  R610 to NX3000 and they all share that default password)
I have found Dell to be very insecure - from their BIOS to their
applications. I've tried to report a number of issues over the years
and all have been ignored. For example, emails to
{secure|security}@dell.com are received but ignored; and calls to
their tech support (overseas call centers) to report a vulnerability
get you transferred into the bit bucket.

I no longer purchase anything Dell. It does not matter if its personal
computers to business servers.

Jeff

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Dell iDRAC6
  - From: phil

Prev by Date: [Full-disclosure] Dell iDRAC6
Next by Date: Re: [Full-disclosure] Dell iDRAC6
Previous by thread: [Full-disclosure] Dell iDRAC6
Next by thread: Re: [Full-disclosure] Dell iDRAC6
Index(es):
- Date
- Thread