WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/

Home

xen-users

[Top] [All Lists]

Re: [Xen-users] dom0 brute force detection

from [Steven Spencer]

[Permanent Link][Original]

To:	xen-users@xxxxxxxxxxxxxxxxxxx
Subject:	Re: [Xen-users] dom0 brute force detection
From:	Steven Spencer <steven.spencer@xxxxxxxx>
Date:	Tue, 08 Mar 2011 10:58:47 -0600
Delivery-date:	Fri, 11 Mar 2011 13:01:02 -0800
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to:	<4D765C19.2020207@xxxxxxxxxxxxxxxxxxxxx>
List-help:	<mailto:xen-users-request@lists.xensource.com?subject=help>
List-id:	Xen user discussion <xen-users.lists.xensource.com>
List-post:	<mailto:xen-users@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References:	<4D765C19.2020207@xxxxxxxxxxxxxxxxxxxxx>
Sender:	xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent:	Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.14) Gecko/20110223 Lightning/1.0b2 Thunderbird/3.1.8

On 03/08/2011 10:40 AM, Randy Katz wrote:

Hi,

Has anyone on this list found the necessity to log/monitor brute force
activity on
dom0? I just noticed that looks like it might be a DoS but was not
monitoring so
need to install something, what are you currently using?

Thanks in advance,
Randy

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

I'm just using iptables on the Dom0 and blocking all traffic except frommy local net. There's no point in allowing any traffic to Dom0 exceptwhat you need for management.


--
--
Steven G. Spencer, Network Administrator
KSC Corporate - The Kelly Supply Family of Companies
Office 308-382-8764 Ext. 231
Mobile 308-380-7957

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-users] dom0 brute force detection, Randy Katz Re: [Xen-users] dom0 brute force detection, Steve Spencer Re: [Xen-users] dom0 brute force detection, Steven Spencer <=

Previous by Date:	[Xen-users] dom0 kernel, John McMonagle
Next by Date:	Re: [Xen-users] Can't boot HVM Linux guests on Debian Squeeze Dom0, Garrett Robinson
Previous by Thread:	Re: [Xen-users] dom0 brute force detection, Steve Spencer
Next by Thread:	[Xen-users] HVM domain with PCI passthrough cannot reboot, Akos Szalkai
Indexes:	[Date] [Thread] [Top] [All Lists]

This site is hosted by Citrix