[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Firewalling Xen?

  • To: "Thomas Goirand" <thomas@xxxxxxxxxx>
  • From: "Grant McWilliams" <grantmasterflash@xxxxxxxxx>
  • Date: Tue, 16 Dec 2008 09:53:09 -0800
  • Cc: xen-users@xxxxxxxxxxxxxxxxxxx
  • Delivery-date: Tue, 16 Dec 2008 09:53:50 -0800
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:references; b=dGF8caIwqjGTZLY8n6jCLfxU488RufTbUR9o2M6YUmjks134sQWfQ7FC2XJ0LyrMvF rMv+D/3dU0bO0d6yHhCTSaoapFnKM7fgpFMjGAiRK6IrWTe1iXkulNiwxS0QKHl/D6Y8 udrmE0qCF0O6xQMTDFZNz9pQPYmDcoCkVPPJY=
  • List-id: Xen user discussion <xen-users.lists.xensource.com>

Grant McWilliams

Some people, when confronted with a problem, think "I know, I'll use Windows."
Now they have two problems.

On Tue, Dec 16, 2008 at 9:01 AM, Thomas Goirand <thomas@xxxxxxxxxx> wrote:
lists@xxxxxxxxxxxxx wrote:
> I'm wondering how to setup a firewall for Dom0 when all traffic for the DomUs go 'through' it.


as we do commercial VPS hosting with xen and our own open source
management interface, we have designed a small anti-DoS firewall to
setup in your dom0. It does nothing spectacular, but it helps against
ssh dictionary attacks, and other very common flood types that might
hurt your server: ping, syn, etc.


I'd be happy to have contributions in this small script that is by the
way very simple to extend (just add few functions for yourself and
share, then anybody can enable/disable them with ease.


Don't you mean this ;-)


A bit off topic but can dtc-xen control it's users in a way that you can assign an admin per VM? What I'm looking for is to have each student manage
his and only his domU.

Grant McWilliams
Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.