WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] dos attack problem in xen bridge mode

from [Simon Hobson] [Permanent Link][Original]
To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] dos attack problem in xen bridge mode
From: Simon Hobson <linux@xxxxxxxxxxxxxxxx>
Date: Tue, 21 Dec 2010 07:53:35 +0000
Delivery-date: Mon, 20 Dec 2010 23:55:26 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <AANLkTin=OXCjkhRk461b-jS1PLYH49TeVrJ4pVaLibaN@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <AANLkTin=OXCjkhRk461b-jS1PLYH49TeVrJ4pVaLibaN@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
Alaa eldin wrote:
i'm using xen in bridge mode and some of my domU got under attack from one ip with high udp packet inside domU i'm using iptables as firewall i have drop the packet but from dom0 i still see the ip from Iftop and the ip eat my traffic there is any idea about this
If you have a rule to match the traffic, you can drop it at the ingress interface with an iptables rule in Dom0. The traffic will still hit the network stack and netfilter, but it won't then get as far as the bridge. If that's not good enough, then you'll have to filter it upstream before it reaches your Xen server machine. 

--
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] Yet another question about multiple NICs, Simon Hobson
Next by Date:  Re: [Xen-users] Re: Network isolation - PCI passthrough question, Jean Baptiste FAVRE
Previous by Thread:  [Xen-users] dos attack problem in xen bridge mode, Alaa eldin
Next by Thread:  [Xen-users] [SPAM] XCP 1.0beta and vastSky. What information I have gathered, what I did and how "far" I got with it., Henrik Andersson
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy