This section is intended to introduce the reader to various aspects of art, which may be related to various aspects of the present invention that are described or claimed below. This discussion is believed to be helpful in providing the reader with background information to facilitate a better understanding of the various aspects of the present invention. Accordingly, it should be understood that these statements are to be read in this light, and not as admissions of prior art.
Over the past several decades, computers have become increasingly important tools in all aspects of modern society. The computers used in businesses, schools and homes may be networked together via servers. The servers may be configured to provide services including applications and/or storage resources. Additionally, the servers may provide access to other computers or networks. As such, the server is a central feature in today's networked computer environment and the proper operation of the network depends on the proper operation of the servers.
In order to facilitate continuous operation of servers and to reduce downtime, the servers may be remotely managed. Specifically, the servers may be configured to allow for a remotely located user to access the server for remotely analyzing and servicing the server. This remote access helps control network management costs by reducing the number of network management personnel required to maintain the network, as well as reduces the delay and expense of analyzing and repairing network problems. For example, a network management team may identify issues and, in some cases, solve those issues without an on-site service call to the server.
During a remote management session, however, the server may become vulnerable. A user located at the server may gain access to the server via a local console following login by a remote manager. The local user may then take over the operating system control using local I/O controls such as the keyboard and prevent further remote management by disconnecting the network connection which allows for the remote management. Thus, the local user effectively hijacks the server once the local console has been unlocked by the remote manager.
Previous attempts to prevent a local user from hijacking the server during remote management sessions include disabling local controls such as USB ports by inhibiting device support in the operating system or disabling the hardware in system ROM-based system utilities (RBSU). Alternatively, local controls, such as PS/2 ports, have been disconnected when the remote console is in use. This was implemented by using multiplexed connection and external tri-state control signals to inhibit simultaneous parallel connection on the point-to-point PS/2 or serial connections. These solutions, however, required disabling local support unless the system is rebooted and/or reconfigured.