WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] Firewalling Xen?

from [Grant McWilliams] [Permanent Link][Original]
To: "Thomas Goirand" <thomas@xxxxxxxxxx>
Subject: Re: [Xen-users] Firewalling Xen?
From: "Grant McWilliams" <grantmasterflash@xxxxxxxxx>
Date: Tue, 16 Dec 2008 09:53:09 -0800
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 16 Dec 2008 09:53:50 -0800
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type:references; bh=Piyt394OrO4mKLw6BCdrnqwNS6hwwnF+8rWLiiRuato=; b=s/+HF/5DEbpj9QleNpOHZACVmMhzRn8if/v/lrjhAqo+X19i58mgOXmNRiaT7SmRi3 WED9FALp6z+CoG6j/8FLKxTFSthLi4dejHYiTqdK0TRyN6+4m/q/uOWDtn2kC7bCjmSe y2uUx+jWsNKCtlqpi+RMjCxWJjZMmkU9VZaEc=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:references; b=dGF8caIwqjGTZLY8n6jCLfxU488RufTbUR9o2M6YUmjks134sQWfQ7FC2XJ0LyrMvF rMv+D/3dU0bO0d6yHhCTSaoapFnKM7fgpFMjGAiRK6IrWTe1iXkulNiwxS0QKHl/D6Y8 udrmE0qCF0O6xQMTDFZNz9pQPYmDcoCkVPPJY=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4947DEE9.1050607@xxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <14915851.141229329317606.JavaMail.root@xxxxxxxxxxxxxxxxxx> <4947DEE9.1050607@xxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx

Grant McWilliams

Some people, when confronted with a problem, think "I know, I'll use Windows."
Now they have two problems.



On Tue, Dec 16, 2008 at 9:01 AM, Thomas Goirand <thomas@xxxxxxxxxx> wrote:
lists@xxxxxxxxxxxxx wrote:
> I'm wondering how to setup a firewall for Dom0 when all traffic for the DomUs go 'through' it.

Hi,

as we do commercial VPS hosting with xen and our own open source
management interface, we have designed a small anti-DoS firewall to
setup in your dom0. It does nothing spectacular, but it helps against
ssh dictionary attacks, and other very common flood types that might
hurt your server: ping, syn, etc.

http://git.gplhost.com/gitweb/?p=dtc-xen.git;a=blob;f=debian/dtc-xen.init;h=5e4df2e46e3a872a2d73ada77e24e8bb242f8b6b;hb=a75a32b23d6dde71dc684045b3c2e7051c30e6fa

I'd be happy to have contributions in this small script that is by the
way very simple to extend (just add few functions for yourself and
share, then anybody can enable/disable them with ease.

Thomas


Don't you mean this ;-)

http://git.gplhost.com/gitweb/?p=dtc-xen.git;a=blob;f=debian/dtc-xen-firewall.init;h=16139921d6efd6fc2e407f7d80b11fae97befdf9;hb=a75a32b23d6dde71dc684045b3c2e7051c30e6fa

A bit off topic but can dtc-xen control it's users in a way that you can assign an admin per VM? What I'm looking for is to have each student manage
his and only his domU.

Grant McWilliams
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] Differences when using Xen with Debian Lenny and other distro [was: xen,debian lenny and hvm(winxp)], listener
Next by Date:  Re: [Xen-users] Differences when using Xen with Debian Lenny and other distro, Simon Hobson
Previous by Thread:  Re: [Xen-users] Firewalling Xen?, Thomas Goirand
Next by Thread:  Re: [Xen-users] Firewalling Xen?, Stephen Liu
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy