On 06.10.2018 06:19, Virus Guy wrote:
> It's not that someone on the outside is getting in.
>
> It's that a trojan horse, baked into the motherboard, can communicate
> with something on the outside. Now how you do that and not be seen
> under presumably intense traffic analysis, I don't know.
And it's on the BMC, so it would normally be connected to the Admin net,
not the Production one.
Why would an ADMIN network need to be connected to anything else? That's
LITERALLY only there for sensitive internal connections, you wouldn't
hook that up to something with Internet access.
Not that I'd allow any other server to have access to the outside unless
it's a webserver, mailserver or suchlike - and THEY go into a DMZ.
So unless the Chinese got someone inside already, proper network
configuration would make this whole thing worthless on anything but
cloud servers.
--- NewsGate v1.0 gamma 2
* Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)
|