oh god, i have a colo server that isn't with you guys the service provider just put my ipmi interface on a public network with a public ip :( so... thanks for not doing stuff like that :P qbit: whats the subnet mask are a lot of other hosts in the same broadcast domain also? Haven't looked Gonna cancel my service with them pretty asap if you wireshark the interface you might get a lot of ARP type traffic They aren't responding to my removal request tcpdump even Would it show other ipmi type traffic? I didn't even check if it was in my up range or a diff block qbit: Probably not since IPMI traffic is unicast. Unless you're on a 10/100 hub... Could very well be :P I don't trust them at all now so my subnet is 255.255.255.248 this ip is def not in that subnet so i am guessing they have a subnet of exposed ipmi interfaces 2/bu12 aw qbit: it's actually pretty normal not saying it's a good idea, just not an uncommon idea. mercutio: might be normal, but for sure it isn't acceptable without asking me in the first place yeah it's not a smart idea i really wish it could be a smart idea :) but the security on those things is way too bad also they can crash