Actively exploited vulnerability gives extraordinary control over server fleets

'Hackers are exploiting a maximum-severity vulnerability that has the potential to give them complete control over thousands of servers, many of which handle mission-critical tasks inside data centers, the US Cybersecurity and Infrastructure Security Agency is warning. The vulnerability, carrying a severity rating of 10 out of a possible 10, resides in the AMI MegaRAC, a widely used firmware package that allows large fleets of servers to be remotely accessed and managed even when power is unavailable or the operating system isn't functioning. These motherboard-attached microcontrollers, known as baseboard management controllers (BMCs), give extraordinary control over servers inside data centers. Administrators use BMCs to reinstall operating systems, install or modify apps, and make configuration changes to large numbers of servers without physically being on premises and, in many cases, without the servers being turned on. Successful compromise of a single BMC can be used to pivot into internal networks and compromise all other BMCs. CVE-2024-54085, as the vulnerability is tracked, allows for authentication bypasses by making a simple web request to a vulnerable BMC device over HTTP. The vulnerability was discovered by security firm Eclypsium and disclosed in March. The disclosure included proof-of-concept exploit code allowing a remote attacker to create an admin account without providing any authentication. At the time of the disclosure, there were no known reports of the vulnerability being actively exploited. On Wednesday, CISA added CVE-2024-54085 to its list of vulnerabilities known to be exploited in the wild. The notice provided no further details.'

-- source: https://arstechnica.com/security/2025/06/active-exploitation-of-ami-manageme...

Cheers, Peter

Skype was a videotelephony, videoconferencing, and voice calls application that ran on various platforms including Linux. In 2010 Microsoft purchased Skype. In May 2025, they retired Skype and suggested their Skype users move to Teams. A Teams-for-Linux was provided for free. It has moved from a GUI application to being a browser-based app. I used Teams by entering on my Linux/Ubuntu system the address in the Firefox browser of: https://teams.live.com/v2/

With Teams videotelephony I found that, as well as a propagation delay, there was about a half second delay between the arrival of the video and the matching audio arriving, i.e. the lips were not in sync. I looked for alternatives and wondered about WhatsApp, but was told it couldn't do "share-screen", which is a feature I frequently use on Skype.

I have now installed the Linux version of the free and open-source Jami software. See: https://en.wikipedia.org/wiki/Jami_(software) https://jami.net/

I initially found that it was unstable and I had to keep open a terminal window and type $ killall jami from time to time. However once I had the video camera resolution sorted out, and I no longer needed to be tweaking set-up parameters, it seems to be much more stable. I find communication propagation time and the video/audio sync much improved over Teams in one-to-one videotelephony.

Jami has a group conferencing feature. When I set up a group conference and got someone to join, to me it seemed that my computer and router were doing all the processing and they couldn't cope. Those that joined the conference found there was an unacceptable amount of propagation delay.

When Jami is launched it places an icon in the system tray which gives the option of "Show Jami" and "Quit". Note that if you click on the Jami application screen's "close" button, the screen does close but Jami continues in the background until you click on "Quit".

The Jami Wikipedia entry states: By adopting distributed hash table technology (as used, for instance, within the BitTorrent network), Jami creates its own network over which it can distribute directory functions, authentication, and encryption across all systems connected to it.

I am interested to observe how much network traffic to and from my computer is due to Jami. In the case of the BitTorrent application Transmission, you can see the bytes sent and bytes received. The Jami application does not provide this feature. Does anyone know a bash command that would continuously show the jami processes' network traffic?

cheers, Ian.

On Wed, 2 Jul 2025 10:52:17 +1200, Ian Stewart wrote:
Does anyone know a bash command that would continuously show the jami processes' network traffic?
The ss(8) <https://manpages.debian.org/ss(8)> command should be able to display various info, if you can come up with the right filter criteria. Does jami listen on a fixed port? Unfortunately, I don’t see any options in that command to filter by process command or process ID. Other possibilities are lsof(8) <https://manpages.debian.org/lsof(8)>, and also poking around in the /proc/«pid»/fd and /proc/«pid»/net directories <https://manpages.debian.org/proc_pid_fd(5)>, <https://manpages.debian.org/proc_pid_net(5)>.
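One way to turn Lawrence's ss(8) suggestion into something that refreshes continuously is to filter ss's process column by the process name ("jami", the same name Ian's killall command uses) rather than by port, since Jami's DHT and media ports are not fixed. The script below is an added example, not code from Lawrence, Ian or the Jami project; the SS_SAMPLE block is constructed ss -tunp output using documentation addresses (192.0.2.x, 198.51.100.x, 203.0.113.x), the pid and fd numbers are made up, and watch_process assumes ss is installed and that reading the Process column does not need root (on most distributions you need sudo to see other users' processes).

```shell
#!/bin/sh
# Show which sockets a named process currently holds, using ss -tunp.
# ss -p prints a Process column like: users:(("jami",pid=4242,fd=31))

# Constructed sample of `ss -tunp` output (not captured from a real host).
SS_SAMPLE='Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
udp   UNCONN 0      0      0.0.0.0:4222        0.0.0.0:*        users:(("jami",pid=4242,fd=31))
udp   UNCONN 0      0      192.0.2.10:45678    198.51.100.7:4222 users:(("jami",pid=4242,fd=40))
tcp   ESTAB  0      0      192.0.2.10:51512    203.0.113.5:443  users:(("firefox",pid=1111,fd=88))
tcp   ESTAB  0      0      192.0.2.10:51600    198.51.100.9:443 users:(("jami",pid=4242,fd=57))'

# sockets_for_process NAME: read ss -tunp output on stdin, print
# "netid local peer" for every socket whose Process column names NAME.
# The quotes around NAME are part of the match, so "jami" does not
# also match a hypothetical "jamid".
sockets_for_process() {
    awk -v n="\"$1\"" '$NF ~ ("users:\\(\\(" n ",") { print $1, $5, $6 }'
}

# peers_for_process NAME: distinct remote endpoints NAME is talking to,
# skipping listening sockets (peer shown as *).
peers_for_process() {
    sockets_for_process "$1" \
        | awk '$3 != "0.0.0.0:*" && $3 != "[::]:*" && $3 != "*:*" { print $3 }' \
        | sort -u
}

# count_sockets_for_process NAME: number of matching sockets in SS_SAMPLE
# (used to check the filter offline, without a running jami).
count_sockets_for_process() {
    printf '%s\n' "$SS_SAMPLE" | sockets_for_process "$1" | wc -l | tr -d ' '
}

# watch_process NAME [SECONDS]: redraw the live socket list every few
# seconds. Run as: watch_process jami 2
watch_process() {
    interval=${2:-2}
    while :; do
        clear 2>/dev/null
        date
        ss -tunp 2>/dev/null | sockets_for_process "$1"
        printf '\npeers:\n'
        ss -tunp 2>/dev/null | peers_for_process "$1"
        sleep "$interval"
    done
}
```

This shows connections and peers, not byte counts: ss has no per-process byte accounting, which is the gap NetHogs fills. Watching the peer list is still useful for the original question, because DHT chatter shows up as a churning set of UDP peers even when no call is in progress.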

On Wed, 2 Jul 2025 10:52:17 +1200, Ian Stewart wrote:
Does anyone know a bash command that would continuously show the jami processes' network traffic?
A bit of online searching uncovered NetHogs <https://github.com/raboof/nethogs>, which allows breaking down network traffic into individual processes, rather than by protocol/address. There is a standard Debian package available.

Does anyone know a bash command that would continuously show the jami processes' network traffic?
A bit of online searching uncovered NetHogs <https://github.com/raboof/nethogs>, which allows breaking down network traffic into individual processes, rather than by protocol/address. There is a standard Debian package available.
That's a really neat tool. I like being able to switch between total and current usage. Thanks for sharing! Cheers, Peter

Hi Lawrence, Thanks for finding the NetHogs application.

When I am not using Jami, but it is still potentially operating on my computer as part of the Jami distributed network, then I see very little Jami related network traffic.

In the last few days I've been monitoring the "download" feature of Jami. My son, running Jami on his Android phone, posted two video clips to me. One was 17MB and the other was 84MB. I waited 24 hours and after that the amounts downloaded were about 10MB on each file. By "prodding" the download button I got the 17MB file to appear to "complete" downloading, but it didn't place the finished .mp4 file into my ~/Downloads folder.

I'm still experimenting with it. It seems that as the downloading is occurring it is stored off my home directory... ~/snap/jami/357/.local/share/jami/b0--16 chars--de/conversation_data/4d--40 chars--6f/3b---lots of chars---06.mp4 ...and the video plays OK. A 3.6MB .jpeg image file downloaded OK.

So Jami seems to have a feature/bug at the moment regarding how long it takes to download large video files, ...and then you have to go fishing into hidden directories to find them.

cheers, Ian.

Hi Ian, Lawrence, thanks for bringing up Jami and NetHogs. Both of interest here. I had started recommending Jami to those users who used Skype in the past and do not use a mobile phone (no mobile phone no = no WhatsApp option). For those with a focus on video calls only (no large downloads involved), Jami seems to be a usable option.

Michael

On 7/07/25 12:34, Ian Stewart wrote:
Hi Lawrence,
Thanks for finding the NetHogs application.
When I am not using Jami, but it is still potentially operating on my computer as part of the Jami distributed network, then I see very little Jami related network traffic.
In the last few days I've been monitoring the "download" feature of Jami. My son, running Jami on his Android phone, posted two video clips to me. One was 17MB and the other was 84MB. I waited 24 hours and after that the amounts downloaded were about 10MB on each file. By "prodding" the download button I got the 17MB file to appear to "complete" downloading, but it didn't place the finished .mp4 file into my ~/Downloads folder.
I'm still experimenting with it. It seems that as the downloading is occurring it is stored off my home directory...
~/snap/jami/357/.local/share/jami/b0--16 chars--de/conversation_data/4d--40 chars--6f/3b---lots of chars---06.mp4
...and the video plays OK.
A 3.6MB .jpeg image file downloaded OK.
So Jami seems to have a feature/bug at the moment regarding how long it takes to download large video files, ...and then you have to go fishing into hidden directories to find them.
cheers, Ian.
_______________________________________________ wlug mailing list -- wlug@list.wlug.org.nz To unsubscribe send an email to wlug-leave@list.wlug.org.nz