| |
|
 |
|
 |
|
|
|
| |
|
|
xen-users
Re: [Xen-users] If Dom0 was compramised
Steve Spencer wrote:
>> Odd, so you can create any ip tables rules and it should not affect
domUs?
A more accurate term would be it could be setup to only affect dom0
> and routed traffic, not bridged traffic.
Hmm, I'll look into that when (if ?) I get another box at work to
play with as a host.
We use IP tables for our Dom0 all the time. The DomU's have their own
iptables, specific to them. We only allow access to our Dom0's from the
administrative team. This means the only way a Dom0 could be
compromised is by one of us, which is extremely unlikely. The DomU's
have various access configured for their specific needs. We've had zero
problems with this strategy and it continues to work well for us.
That's more or less what I have set up - iptables rules that allow
DomU traffic and only the essentials (ie ssh from a whitelist of
hosts) for Dom0.
For anyone that knows your setup, compromising a Dom0 would probably
be the crown jewels. Get access to that and you can do anything with
the guests - even if it means shutting them down briefly while you
mount their disks and install extra software or alter their config.
In other words, having control of Dom0 is as least as good as having
physical access to an equivalent real machine (ie what the DomU would
be if not virtualised) and the ability to boot it from a live CD
while you fiddle with the contents of the disk.
--
Simon Hobson
Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
| |
|
Home