|
|
|
|
|
|
|
|
|
|
xen-users
Re: [Xen-users] If Dom0 was compramised
On Thu, May 20, 2010 at 5:06 PM, Ian Tobin <itobin@xxxxxxxxxxxxx> wrote:
> Curious, what would be the best way to secure the Dom0.
>
> Ive tried iptables before but then prevented access to the DomUs.
Depends on your setup. If you use bridge networking, and
/proc/sys/net/bridge/bridge-nf-call-iptables is 0 (which is 1 by
default), domU traffic should be unaffected by dom0's iptables.
--
Fajar
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
|
|