Thanks, needed a good laugh.
Putting a BMC or KVM on the Internet is hilariously unwise.
No need worry about dodgy remote desktop software — the attackers will be able to back door the firmware!
(Yes, iLO verifies firmware signatures… but yes they’ve had horrific vulnerabilities, worse than nightmares).
You don't put these devices on the public internet! You use Wireguard to control access. Think Tailscale or similar.