[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Xen-users] latest GPLPV drivers 0.10.0.86 and microsoft.com

In the end this turned out to be some worm getting onto the VPS before
we had chance to enable the firewall so now we are building the images
offline, enabling the firewall and putting them on the net.

Very strange how quickly it got infected but lessons learned.

Big thanks for James and Fajar for the advice.

On another note we cant put a perimeter firewall in place as the servers
are on the internet in the datacenter.

Thanks again

Ian

-----Original Message-----
From: James Harper [mailto:james.harper@xxxxxxxxxxxxxxxx] 
Sent: 05 September 2009 01:55
To: Fajar A. Nugraha; Ian Tobin
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: RE: [Xen-users] latest GPLPV drivers 0.10.0.86 and
microsoft.com

> >
> > Microsoft Windows [Version 5.2.3790]
> > (C) Copyright 1985-2003 Microsoft Corp.
> >
> > C:\Documents and Settings\support>ping www.microsoft.com
> > Ping request could not find host www.microsoft.com. Please check the
name
> and try again.
> 
> Okay, so nslookup CAN find the host (64.4.31.252) but ping CAN NOT
> find the host. The only time I have seen something like this is on
> malware-infected servers.
> 
> Either way, it's not Xen issue anymore. Xen's networking can pass UDP
> DNS traffic just fine (nslookup got the correct result). You might
> have better luck asking MS guys why nslookup can succeed while ping
> can't find the host, and how to fix the problem.
> 

Not so fast there... I think nslookup will still default to searching
for an A record, but I'm pretty sure that ping will first look for an
AAAA record under Vista and above.

Try doing 'ping -4 www.microsoft.com' and see if that makes a
difference. I certainly get 'Ping request could not find host
www.microsoft.com. Please check the name and try again.' When I try ping
-6, although the default behaviour _should- be to try ipv6 and then fall
back to ipv4...

If that works, and you really don't use ipv6 for all, disable it as a
protocol on the network adapter. Maybe you already did this before but
then installed gplpv which installs a new adapter and has ipv6 enabled
again? Or maybe you want to use ipv6 and for some reason it doesn't work
with gplpv... I haven't tested that very much.

James




_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.