Gregory's Server@novenary@akko.wtf @Sqaaakoi@wetdry.world @i_lost_my_bagel@mastodon.lilysthings.org @samebchase@fantastic.earth I may be stupid. :spinny_fox:
vPro is going to run anyway. Some features of it are part of the ME, some are at user level.
If you hit on the OS loopback, there's probably something also running on your OS. Maybe a management daemon that comes installed? You'd be correct in that it _doesn't_ use the NIC there.
The out of band stuff most people will be using vPro for though is part of the ME.
|
Top-level
 1 comment
|
@novenary@akko.wtf @Sqaaakoi@wetdry.world @i_lost_my_bagel@mastodon.lilysthings.org @samebchase@fantastic.earth
The management engine of all modern Intel CPUs has:
- full direct memory access
- full TCP stack access
- receive and send network packets bypassing the OS
- cannot be disabled past Core2 CPUs
It's a dedicated chip running MINIX, has a dedicated connection to the NIC and is part of the chipset.
The scary parts, the Active Management Engine, claims these ports:
- 16992 (SOAP/HTTP)
- 16993 (SOAP/HTTPS)
- 16994 (Redirection/TCP)
- 16995 (Redirection/TLS)
KVM runs over the last two.
https://www.intel.com/content/www/us/en/privacy/intel-active-technology-vpro.html
AMT is disabled by default.
@novenary@akko.wtf @Sqaaakoi@wetdry.world @i_lost_my_bagel@mastodon.lilysthings.org @samebchase@fantastic.earth
The management engine of all modern Intel CPUs has:
- full direct memory access
- full TCP stack access
- receive and send network packets bypassing the OS
- cannot be disabled past Core2 CPUs
It's a dedicated chip running MINIX, has a dedicated connection to the NIC and is part of the chipset.
The scary parts, the Active Management Engine, claims these ports:
- 16992 (SOAP/HTTP)
- 16993 (SOAP/HTTPS)