[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] A security Question

PREETI MISHRA <scholar.preeti@xxxxxxxxx> wrote:

> Actually My exact problem is:

It would be a good idea if you'd just stated that up front - and ONLY ASK ONE 
QUESTION. Asking what is effectively the same question 3 times in 3 ways is a 
good way to get people to ignore you.

> I want to perform a simple check at Dom0 whether a VM packet is IP spoofed or 
> MAC spoofed? or everything is ok with it?

How about setting up filters.
When starting the VM, setup filters to block packets (other than required 
broadcast/multicast ones) from the VM (set the filters on the VIF in Dom0) that 
don't have the right MAC or IP ?

That would seem to be the simplest way IMO - just physically block spoofed 
packets from entering the virtual switch. Once you done that, you can use the 
packet contents without worrying about spoofing.

The downside is that the host needs to know the MAC and IP addresses each guest 
is going to be using - which means a little more management overhead.

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.