[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] Running snort on dom0

To: xen-users@xxxxxxxxxxxxxxxxxxx
From: Torsten Lehmann <tlehmann@xxxxxxxxxxxxx>
Date: Wed, 16 May 2007 21:34:14 +0200 (CEST)
Delivery-date: Thu, 17 May 2007 02:52:41 -0700
List-id: Xen user discussion <xen-users.lists.xensource.com>

> I need to monitor all traffic and block bad requests on my guest
> machines and also on my xen host. To accomplish this I think to
> install snort on my dom0 host (rhel5). Somebody have
> tried this? What about performance on guests??

- work identical to fw,sniffer,net-acct...

  --- peth0  ---- eth0 ----- dom0
              |
              --- vif1.0 --- dom1

- snort read default from eth0
- would you scan complete traffic, bind snort to peth0
- would you scan dom1, bind snort to vif1.0

Torsten


--
Torsten lehmann
Launoc


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

Prev by Date: [Xen-users] 2.6.20 domU kernel on 2.6.16 kernel
Next by Date: Re: [Xen-users] 2.6.20-1-amd64 Xen with RHEL5 guest
Previous by thread: [Xen-users] Running snort on dom0
Next by thread: [Xen-users] extra = "mem=1024" and maxmem
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.