iDrac firmware introduces a security check that could trip you up

A couple weeks ago, I had a dell server completely lock up on me, including the iDRAC which meant a 90 minute trip in to the datacentre to give the server a kick. Annoying, but not a major issue.

When I got to the datacentre I power cycled the server and everything came back up. I thought it would be worth doing a firmware upgrade in case that was the cause of the lock up. At the time, the latest iDRAC firmware was 2.81.81.81

Installing idrac firmware is pretty easy, once done the idrac rebooted and that is when I had a panic.

1

At first I thought that the firmware had somehow corrupted but it turns out that Dell have introuduced a new security check which is documented in the release notes that I did not read.

In short, Dell have introduced a host name check into the idrac firmware in order to mitigiate a known security issue https://www.dell.com/support/kbdoc/en-uk/000183758/dsa-2021-041-dell-emc-idrac-8-security-update-for-a-host-header-injection-vulnerability

The fix is pretty simple, all you need to do is access the iDRAC using the IP and ensure that under the idrac network settings you have set the DNS and host name correctly. Once this is done and saved your access problems will go away.

2

Gary Williams

Gary Williams

IT Person | Veeam Vanguard | VMware vExpert | Windows admin | Docker fan | Spiceworks moderator | keeper of 3 cats | Avid Tea fan

Read More