 Home |
Products |
Support |
Community |
News |
xen-users
Re: [Xen-users] Re: Creating a DMZ domU
| To: | "Jeroen Torrekens" <jeroen.torrekens@xxxxxxxxxxx> |
|---|---|
| Subject: | Re: [Xen-users] Re: Creating a DMZ domU |
| From: | "Christopher Isip" <cmisip@xxxxxxxxx> |
| Date: | Wed, 16 Jul 2008 07:19:21 -0400 |
| Cc: | "John A. Sullivan III" <jsullivan@xxxxxxxxxxxxxxxxxxx>, xen-users <xen-users@xxxxxxxxxxxxxxxxxxx> |
| Delivery-date: | Wed, 16 Jul 2008 04:19:55 -0700 |
| Dkim-signature: | v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type:references; bh=Kbd3q9QhYSg4BgyVjPQWooDyb6gAAUjDiov7LZolYm8=; b=vffKfH0pWyI6G9AFoYNlYZ+dwgQ27d9Ca3Sx9V1y3SJSGC6kubzOu2R0HLR+m2E3XK xY6e3RJb6y+IMryfLUT9bgdUufYMLDe5RHlDduDfaTTZlY4HLaeUDF4JJerbJ2Pr8nxU Meevhyl20wesc/bn9rL7+NfPwIeEOnULClJhs= |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:references; b=YgauXsN/ONQGHguNhSmaFTj9hEDevOaI/CShuQUCaaibPP0rR8gXykRPB2h4GAb6Gx Dqla+5ggdJwrBeklMR5L5c9H5h/LajAof0pBqCzqlaSVU2t5ZFJv+6fDT6Vozzd3npqG hw+xcKfY8iqZm/G59sDFGS4z2e/IAOrkKU6p0= |
| Envelope-to: | www-data@xxxxxxxxxxxxxxxxxxx |
| In-reply-to: | <487DAFD6.504@xxxxxxxxxxx> |
| List-help: | <mailto:xen-users-request@lists.xensource.com?subject=help> |
| List-id: | Xen user discussion <xen-users.lists.xensource.com> |
| List-post: | <mailto:xen-users@lists.xensource.com> |
| List-subscribe: | <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe> |
| List-unsubscribe: | <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe> |
| References: | <4bca5f6c0807122044k5cb40137pb2cec30631f2a6e2@xxxxxxxxxxxxxx> <4bca5f6c0807132006m2198486dtc44482ca7ab1449a@xxxxxxxxxxxxxx> <1216031074.7629.9.camel@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <4bca5f6c0807151557t3f2533f2i1d5438c2f929fa37@xxxxxxxxxxxxxx> <487DAFD6.504@xxxxxxxxxxx> |
| Sender: | xen-users-bounces@xxxxxxxxxxxxxxxxxxx |
If the dmz is compromised though, the attacker would have access to the dmz bridge and all hosts connected to it right?. This should exclude dom0 since there is no interface in dom0 attached to the dmz bridge (xenbrD). Is this correct? [root@mymainserver ~]# brctl show bridge name bridge id STP enabled interfaces eth0 8000.00146c30c25a no vif8.0 vif7.0 vif6.0 vif5.0 vif4.0 vif3.0 vif2.0 vif1.0 peth0 virbr0 8000.000000000000 yes xenbrD 8000.feffffffffff no vif11.0 vif2.1 I believe in the above vif1.0 is probably attached to the asterisk domU while vif2.1 is to the dmz domU though I dont know how to check for sure. I did not manually enslave a dom0 interface to the xenbrD bridge when I created it. Thanks Chris _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [Xen-users] vlans+bonding+bridging, Longina Przybyszewska |
|---|---|
| Next by Date: | Re: [Xen-users] windows resolution, RicK |
| Previous by Thread: | Re: [Xen-users] Re: Creating a DMZ domU, Jeroen Torrekens |
| Next by Thread: | Re: [Xen-users] Re: Creating a DMZ domU, John A. Sullivan III |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
