Summary: ALOM in the DMZ

From: Brian Dunbar <>
Date: Tue May 13 2008 - 14:11:49 EDT

Thank you all for your input.

A few points of clarification are in order:

* This is for console access.

* The ALOM card would be in a separate network from the Ethernet cards in the
DMZ.  I had to see the network guy who runs the DMZ because it's in 'his' rack.

Consensus: If the ALOM is in a separate network, you should be okay.

scadm was mentioned as a way to 'get into' the ALOM card.  The network crew
were concerned about other hosts being exploited from ALOM if the host is
compromised; if my host is hacked that deeply it's time to take it offline and
scrub down to bare metal.

ipmitool was mentioned in this regard as well.  This is new to me, so thanks!

My sanity was questioned for my alleged humor; I'll keep it in check in the
future.  I submit that the question that lay buried underneath layers of
childish humor is pertinent.  And no, I don't have a life.

The network guy's expertise was questioned: "Sounds like he's just spooked by
something outside his experience and understanding."

I may have painted the fellow in a bad light.  He's trying to be a good
steward of the network that he's been entrusted with.  We can all agree this
is a worthy goal and it's a big part of what we get paid for.

A serial connection from another host via tip was mentioned, and this would be
a good interim solution - and it would beat the laptop.  I'll give it a shot.
Two problems with this.

* I have three servers I need to talk to.  Soon to be four.
* The only servers in that room that I 'own' are the ones in the DMZ that I
need console access to.
* The other servers are owned by a separate admin group.  We get along but ..
it's a Great Big Deal to acquire a login.

Thanks for your input.

Brian Dunbar
Systems Administrator
Desk: (920) 751-3364
Cell: (920) 716-2027
sunmanagers mailing list
Received on Tue May 13 14:13:25 2008
