WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/

Home

xen-users

[Top] [All Lists]

Re: [Xen-users] If Dom0 was compramised

from [Olivier B.]

[Permanent Link][Original]

To:	xen-users@xxxxxxxxxxxxxxxxxxx
Subject:	Re: [Xen-users] If Dom0 was compramised
From:	"Olivier B." <xen.list@xxxxxxxxx>
Date:	Thu, 20 May 2010 13:35:28 +0200
Delivery-date:	Thu, 20 May 2010 04:36:39 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to:	<039E0B4AA9103344A80DA55DDDC76A933B29A7@xxxxxxxxxxxxxxxxxxxxxx>
List-help:	<mailto:xen-users-request@lists.xensource.com?subject=help>
List-id:	Xen user discussion <xen-users.lists.xensource.com>
List-post:	<mailto:xen-users@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References:	<46C13AA90DB8844DAB79680243857F0F061FCD@xxxxxxxxxxxxxxxxxxx> <AANLkTinmcoeqGi9Fgi0H6GGtdoBlCyads0iEyp9lFGGp@xxxxxxxxxxxxxx> <039E0B4AA9103344A80DA55DDDC76A933B29A3@xxxxxxxxxxxxxxxxxxxxxx> <AANLkTim2FHDXnZD0m4SMiDXN-depxe0NTerIC-Qr3Ql2@xxxxxxxxxxxxxx> <039E0B4AA9103344A80DA55DDDC76A933B29A4@xxxxxxxxxxxxxxxxxxxxxx> <AANLkTilrNLhKOxhzm4jX13JgcCHOALXIIJQn5vFec47T@xxxxxxxxxxxxxx> <039E0B4AA9103344A80DA55DDDC76A933B29A7@xxxxxxxxxxxxxxxxxxxxxx>
Reply-to:	xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Sender:	xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent:	Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.9) Gecko/20100515 Icedove/3.0.4

well, something like that ?

iptables -I INPUT -p tcp --dport 22 -j ACCEPT
iptables -P INPUT -j DROP
iptables -I OUTPUT -p tcp --sport 22 -j ACCEPT
iptables -P OUTPUT -j DROP

Le 20/05/2010 13:29, Ian Tobin a écrit :

Ok I see.

Do you have a sample script that blocks all traffic other than ssh and
pings? Or a similar script?

Ian


-----Original Message-----
From: Fajar A. Nugraha [mailto:fajar@xxxxxxxxx]
Sent: 20 May 2010 11:23
To: Ian Tobin
Cc: Xen User-List
Subject: Re: [Xen-users] If Dom0 was compramised

On Thu, May 20, 2010 at 5:13 PM, Ian Tobin<itobin@xxxxxxxxxxxxx>  wrote:

Yes im using bridged.

Odd, so you can create any ip tables rules and it should not affect
domUs?

A more accurate term would be it could be setup to only affect dom0
and routed traffic, not bridged traffic.


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-users] If Dom0 was compramised, Jonathan Tripathy Re: [Xen-users] If Dom0 was compramised, Fajar A. Nugraha RE: [Xen-users] If Dom0 was compramised, Ian Tobin Re: [Xen-users] If Dom0 was compramised, Fajar A. Nugraha RE: [Xen-users] If Dom0 was compramised, Ian Tobin Re: [Xen-users] If Dom0 was compramised, Fajar A. Nugraha RE: [Xen-users] If Dom0 was compramised, Ian Tobin Re: [Xen-users] If Dom0 was compramised, Olivier B. <= RE: [Xen-users] If Dom0 was compramised, Ian Tobin Re: [Xen-users] If Dom0 was compramised, Steve Spencer Re: [Xen-users] If Dom0 was compramised, Simon Hobson Re: [Xen-users] If Dom0 was compramised, Olivier B. RE: [Xen-users] If Dom0 was compramised, Jonathan Tripathy

Previous by Date:	RE: [Xen-users] pv_ops Dom0 kernel for DomU?, Ian Tobin
Next by Date:	[Xen-users] If a DomU was compramised.., Jonathan Tripathy
Previous by Thread:	RE: [Xen-users] If Dom0 was compramised, Ian Tobin
Next by Thread:	RE: [Xen-users] If Dom0 was compramised, Ian Tobin
Indexes:	[Date] [Thread] [Top] [All Lists]

This site is hosted by Citrix