HP iLO authorization? Nah

This is old news and certainly not the end of the world, but just so it’s clear: Always keep your management network internal only.

Any version of iLO will by default happily provide anyone who can access it with details on product type, serial number, iLO firmware version, etc. This can be a convenience when autodetecting nodes on your management network.

Here are some exposed iLOs, courtesy of Shodan:

There’s also /xmldata?item=CpqKey that’s probably useful for something.

Oh, and FORTRAN called and congratulated on the all-caps XML.