
RE: [Xen-users] If Dom0 was compromised



Ok cool, I'll give it a shot :)

Thanks

Ian



-----Original Message-----
From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
[mailto:xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Olivier B.
Sent: 20 May 2010 12:35
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] If Dom0 was compromised

Well, something like that?

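# Allow inbound SSH, then drop all other inbound traffic by default
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
iptables -P INPUT DROP
# Allow SSH replies out, then drop all other outbound traffic by default
iptables -I OUTPUT -p tcp --sport 22 -j ACCEPT
iptables -P OUTPUT DROP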

On 20/05/2010 13:29, Ian Tobin wrote:
> Ok I see.
>
> Do you have a sample script that blocks all traffic other than ssh and
> pings? Or a similar script?
>
> Ian
>
>
> -----Original Message-----
> From: Fajar A. Nugraha [mailto:fajar@xxxxxxxxx]
> Sent: 20 May 2010 11:23
> To: Ian Tobin
> Cc: Xen User-List
> Subject: Re: [Xen-users] If Dom0 was compromised
>
> On Thu, May 20, 2010 at 5:13 PM, Ian Tobin <itobin@xxxxxxxxxxxxx> wrote:
>    
>> Yes, I'm using bridged.
>>
>> Odd, so you can create any iptables rules and it should not affect
>> domUs?
>>      
> A more accurate term would be it could be set up to only affect dom0
> and routed traffic, not bridged traffic.
>
>    

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
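
Added example, not part of the original thread: a fuller version of the SSH-and-ping rule set asked for above, generated as an iptables-restore file so that only dom0's own INPUT and OUTPUT traffic is filtered and bridged domU traffic is left alone. It assumes IPv4, SSH on TCP port 22 unless overridden, and bridged domU networking; the function name dom0_ruleset and the "apply" argument are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes IPv4, bridged domU networking.
# dom0_ruleset and the "apply" argument are hypothetical names.

# Print an iptables-restore ruleset for dom0; $1 = SSH port (default 22).
dom0_ruleset() {
    ssh_port="${1:-22}"
    # Accept digits only, at most 5 of them, in 1..65535.
    case "$ssh_port" in
        *[!0-9]*|??????*) echo "invalid port: $ssh_port" >&2; return 1 ;;
    esac
    if [ "$ssh_port" -lt 1 ] || [ "$ssh_port" -gt 65535 ]; then
        echo "invalid port: $ssh_port" >&2; return 1
    fi
    # INPUT/OUTPUT only see packets to or from dom0 itself. FORWARD stays
    # ACCEPT, so bridged domU frames pass even when the kernel hands them to
    # iptables (net.bridge.bridge-nf-call-iptables=1).
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport ${ssh_port} -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p icmp --icmp-type echo-request -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
COMMIT
EOF
}

# "sh script apply [port]" loads the rules (root needed). This replaces the
# whole filter table, so review any existing filter rules first.
if [ "${1:-}" = "apply" ]; then
    rules="$(dom0_ruleset "${2:-22}")" || exit 1
    printf '%s\n' "$rules" | iptables-restore
fi
```

With OUTPUT set to DROP, dom0 itself can no longer make new outbound connections such as DNS lookups or package updates; add explicit OUTPUT rules for anything dom0 still needs to reach.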


