WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

RE: [Xen-users] latest GPLPV drivers 0.10.0.86 and microsoft.com

To: "James Harper" <james.harper@xxxxxxxxxxxxxxxx>, "Fajar A. Nugraha" <fajar@xxxxxxxxx>
Subject: RE: [Xen-users] latest GPLPV drivers 0.10.0.86 and microsoft.com
From: "Ian Tobin" <itobin@xxxxxxxxxxxxx>
Date: Tue, 8 Sep 2009 15:22:00 +0100
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 08 Sep 2009 07:23:09 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <039E0B4AA9103344A80DA55DDDC76A932395E9@xxxxxxxxxxxxxxxxxxxxxx><AEC6C66638C05B468B556EA548C1A77D0177D04F@trantor><039E0B4AA9103344A80DA55DDDC76A932395EA@xxxxxxxxxxxxxxxxxxxxxx><7207d96f0909040426l78c4b7ces62ab0adba41da154@xxxxxxxxxxxxxx><039E0B4AA9103344A80DA55DDDC76A932395EF@xxxxxxxxxxxxxxxxxxxxxx><7207d96f0909040502u5ae95380qadd270a257be11bf@xxxxxxxxxxxxxx><AEC6C66638C05B468B556EA548C1A77D0177D076@trantor><039E0B4AA9103344A80DA55DDDC76A932395F1@xxxxxxxxxxxxxxxxxxxxxx><7207d96f0909040546w20c9e1f6hee007bbf1bf1ee75@xxxxxxxxxxxxxx><039E0B4AA9103344A80DA55DDDC76A932395F2@xxxxxxxxxxxxxxxxxxxxxx> <7207d96f0909040752t2052f73k1590631f9d21c00c@xxxxxxxxxxxxxx> <AEC6C66638C05B468B556EA548C1A77D0177D07A@trantor> <039E0B4AA9103344A80DA55DDDC76A93239607@xxxxxxxxxxxxxxxxxxxxxx> <AEC6C66638C05B468B556EA548C1A77D0177D165@trantor>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcotcB2ezKsLZA5ATM6rAwBq1kzvdwAUrHLwAKsfrLAABVJYwAACtwjQ
Thread-topic: [Xen-users] latest GPLPV drivers 0.10.0.86 and microsoft.com
But firewalling Dom 0 doesn't affect the VMs?  

And also if you did that you might not want to block certain ports as it
could be different on every VM.

BTW what is the best way of firewalling a Dom 0 built from the lenny
debs?

Thanks

Ian



-----Original Message-----
From: James Harper [mailto:james.harper@xxxxxxxxxxxxxxxx] 
Sent: 08 September 2009 14:03
To: Ian Tobin; Fajar A. Nugraha
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: RE: [Xen-users] latest GPLPV drivers 0.10.0.86 and
microsoft.com

> 
> In the end this turned out to be some worm getting onto the VPS before
> we had chance to enable the firewall so now we are building the images
> offline, enabling the firewall and putting them on the net.
> 
> Very strange how quickly it got infected but lessons learned.
> 
> Big thanks for James and Fajar for the advice.
> 
> On another note we cant put a perimeter firewall in place as the
servers
> are on the internet in the datacenter.
> 

You could firewall in Dom0 though.

Here (http://isc.sans.org/diary.html?storyid=7093&rss) is another good
reason why you should firewall early and firewall often :)

James



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users