WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Xen-users] If Dom0 was compramised

from [Ian Tobin] [Permanent Link][Original]
To: "Fajar A. Nugraha" <fajar@xxxxxxxxx>, "Jonathan Tripathy" <jonnyt@xxxxxxxxxxx>
Subject: RE: [Xen-users] If Dom0 was compramised
From: "Ian Tobin" <itobin@xxxxxxxxxxxxx>
Date: Thu, 20 May 2010 11:06:11 +0100
Cc: Xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 20 May 2010 03:07:29 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <46C13AA90DB8844DAB79680243857F0F061FCD@xxxxxxxxxxxxxxxxxxx> <AANLkTinmcoeqGi9Fgi0H6GGtdoBlCyads0iEyp9lFGGp@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: Acr4A9eREBYUkYVQS9W8X2bxEZcKgQAABizQ
Thread-topic: [Xen-users] If Dom0 was compramised 
Curious, what would be the best way to secure the Dom0.

Ive tried iptables before but then prevented access to the DomUs.

Ian



-----Original Message-----
From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
[mailto:xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Fajar A.
Nugraha
Sent: 20 May 2010 11:02
To: Jonathan Tripathy
Cc: Xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] If Dom0 was compramised

On Thu, May 20, 2010 at 4:53 PM, Jonathan Tripathy <jonnyt@xxxxxxxxxxx>
wrote:
> Hi Everyone,
>
> If Dom0 were to get compramised, how bad would this be? How much
access to
> the DomUs does Dom0 have?

With physical servers, It would be the equivalent of someone having
access to your SAN (disks) and network switch/routers.
Results might include anything from man-in-the-middle-attacks or data
theft.

-- 
Fajar

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] If Dom0 was compramised, Fajar A. Nugraha
Next by Date:  Re: [Xen-users] If Dom0 was compramised, Olivier B.
Previous by Thread:  Re: [Xen-users] If Dom0 was compramised, Fajar A. Nugraha
Next by Thread:  Re: [Xen-users] If Dom0 was compramised, Fajar A. Nugraha
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy