First time putting a Supermicro machine on a production network. The network vulnerability scanner picked up the IPMI port on this machine and reported two problems:
1) default passwords are in use
2) "null" user can access the system
However, i have:
1) latest IPMI firmware from Supermicro's website
2) changed password of "ADMIN" account
3) "Anonymous" account has no privileges
I've also tried to login as "Anonymous" account with ssh -l "" and via the webui and cannot gain any access. So, why are the security scanners picking up a problem?
Can the "Anonymous" account (IPMI account id =1 ) be deleted safely without causing problems?
1) default passwords are in use
2) "null" user can access the system
However, i have:
1) latest IPMI firmware from Supermicro's website
2) changed password of "ADMIN" account
3) "Anonymous" account has no privileges
I've also tried to login as "Anonymous" account with ssh -l "" and via the webui and cannot gain any access. So, why are the security scanners picking up a problem?
Can the "Anonymous" account (IPMI account id =1 ) be deleted safely without causing problems?