It has been reported in the media and some security conscious mailing lists that some IPMI-enabled servers, implementations and brands suffer serious security issues.
When you go to a dedicated server provider to rent a preconfigured unmanaged server that has IPMI (whether or not it is enabled for your use), what are the things to look for, from the security standpoint?
I expect the problems that are referred to is the infamous cipher zero issue. If you're renting a dedicated server with this capability, one option would be to complete a vulnerability scan of the server, to see if it's vulnerable. Nessus definitely has a check for this issue, and Metasploit also has modules for detecting it (they have detail on the problem and the modules here)
A key point before scanning the server is to get permission (in writing) from the hosting company for the scan. Most companies I've seen are fine with that kind of scanning so long as they are notified.
I would suggest you take a look at the way the company handles vulnerability reporting, as well as their response to such reports.
The company should provide a secure and private way to report vulnerabilities, such as a dedicated security response email and a PGP key for encryption of reports, and they should provide this in an easy to find location. They should also not persecute the people who find these vulnerabilities and report them, like some companies have tried to do previously.
For incident reports, they should respond quickly, as a guideline within 48 hours of the report, to the person who reported the vulnerability. If possible, a temporary patch should be released ASAP (such as Microsoft's FixIts), and a more permanent one released afterwards that completely removes the cause of the vulnerability. The company should also provide a way to keep its customers updated on security issues in their products, such as a mailing list, and keep it updated regularly.
