Home page logo

basics logo Security Basics mailing list archives

RE: Out-of-band management network -more secure?
From: "Burton M. Strauss III" <BStrauss () acm org>
Date: Tue, 23 Mar 2004 11:28:33 -0600

Remember, you are only as secure as the weakest link.


Keeps all of the management traffic out of the network and thus - if
properly configured - invisible to mortals (what they can't see isn't going
to spark interest).
Keeps the management traffic (say your netFlow data) from eating bandwidth.


More complex to implement and maintain.
Double... wiring, nics, routers, etc - more stuff to buy, more stuff to
fail, more stuff to support/maintain.

The fallacy of OOB is that it makes you secure.  It doesn't - in fact, it's
a more attractive target to attack because there's more 'good stuff' out
there.  It may also be a softer target because if you think it's secure you
may not be keeping those hosts patched and updated.


-----Original Message-----
From: Kip Sr. [mailto:kipsr1 () yahoo com]
Sent: Monday, March 22, 2004 6:46 PM
To: security-basics () securityfocus com
Subject: Out-of-band management network -more secure?

Hello there!

I am looking for opinions about implementing an
out-of-band management network. I am talking about
dual homing NICs of web/db servers, routers, switches,
etc. - to both production network and management

Can someone tell me the main reason for implementing
OOB? Any security implications I should be aware of?

Thank you all in advance!


Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]