Intelligent Platform Management Interface definition
The Intelligent Platform Management Interface (IPMI) is an interface used to remotely control and monitor computer systems. It works separately from the operating system and functions even when the computer is turned off or not operational. It allows monitoring system health, logging events, and recovering from crashes.
See also: baseboard management controller
Intelligent Platform Management Interface components
- Baseboard management controller (BMC). This is the central component of IPMI. It’s a microcontroller in the computer’s motherboard that manages the interface between system management software and platform hardware.
- Sensors. IPMI uses various devices that check metrics like temperature, fan speed, and voltage to monitor the system’s health. These sensors report data on the server’s operating conditions to the BMC.
- System event log (SEL). This is a log where the BMC records events and alerts. It tracks temperature spikes, system starts and stops, and other hardware-related events.
- IPMI LAN interface. This component gives access to the BMC over a network for remote management.
- Serial interface. This is another way to communicate with the BMC, besides using a LAN.
- Intelligent Chassis Management Bus (ICMB). More complex systems use this to link multiple BMCs.
- IPMI firmware. It helps the BMC work with the IPMI functionalities and hardware components.
Security issues of the Intelligent Platform Management Interface
- Default credentials. IPMI systems often come with default usernames and passwords. If not changed, they become an easy target for attackers.
- Unencrypted network traffic. Older IPMI versions don’t encrypt network traffic, risking data being intercepted by attackers.
- Vulnerabilities in BMC firmware. Weak spots in BMC firmware may allow attackers to gain unauthorized access or install spyware.
- Lack of network segmentation. Often, IPMI interfaces are not isolated from the main network, making it more vulnerable to attacks.
- Persistent access. As you may remember, the IPMI operates independently of the operating system. That’s why an attacker with access to IPMI can keep control over a system even after major changes like reinstalling the operating system.