WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Xen
Home Products Support Community News

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
<prev [Thread] next>

Re: [Xen-users] Firewall rules

from [Rudi Ahlers] [Permanent Link][Original]
To: Nathan Eisenberg <nathan@xxxxxxxxxxxxxxxx>
Subject: Re: [Xen-users] Firewall rules
From: Rudi Ahlers <Rudi@xxxxxxxxxxx>
Date: 2010年8月25日 09:12:43 +0200
Cc: "Xen-users@xxxxxxxxxxxxxxxxxxx" <Xen-users@xxxxxxxxxxxxxxxxxxx>
Delivery-date: 2010年8月25日 00:14:18 -0700
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=softdux.com; h=MIME-Version:In-Reply-To:References:From:Date:Message-ID:Subject:To:Cc:Content-Type:Content-Transfer-Encoding:X-Assp-Whitelisted:X-Assp-Envelope-From:X-Assp-Intended-For:X-Source:X-Source-Args:X-Source-Dir; b=itAPGy76FMx61s7Qvn/Mtyt76nhsxOOFTpxIflwHXi07y83sKcWHwg/Ufys5C8Mk2zdl/e+6o4YoTADzrkDMiW24q4tn5o9kvffbr0tH+l+yD8VcIdAfKoXgWI5HwOPA;
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <8C26A4FDAE599041A13EB499117D3C281648ED68@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <4C74353F.7070300@xxxxxxxxxxx> <8C26A4FDAE599041A13EB499117D3C281648ED68@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
On Wed, Aug 25, 2010 at 12:05 AM, Nathan Eisenberg
<nathan@xxxxxxxxxxxxxxxx> wrote:
> It's not really specific to XEN, but at $datacenterjob, we deploy servers 
> with the host firewall blocking everything except for ICMP-PING, and SSH or 
> RDP.  Typically, fail2ban is also installed on linux servers to kill off the 
> lazy bruteforcers.  Lastly, we drop the netbios ports using ACLs at our 
> border routers.
>
>
> _______________________________________________
Nathan, as matter of interest, do you have pre-configured ISO's or
something with the firewall already setup, or do you do this manually?
And, if it were for a XEN VM, would you do the firewalling on the dom0
host, or the domU guest?
-- 
Kind Regards
Rudi Ahlers
SoftDux
Website: http://www.SoftDux.com
Technical Blog: http://Blog.SoftDux.com
Office: 087 805 9573
Cell: 082 554 7532
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date: Re: [Xen-users] one busy vm affects other vm , Aclhk Aclhk
Next by Date: Re: [Xen-users] Monitoring Xen with Zabbix.. , For@ll
Previous by Thread: RE: [Xen-users] Firewall rules , Nathan Eisenberg
Next by Thread: Re: [Xen-users] Firewall rules , George Shuklin
Indexes: [Date] [Thread] [Top] [All Lists]

Copyright ©, Citrix Systems Inc. All rights reserved. Legal and Privacy
Citrix This site is hosted by Citrix

AltStyle によって変換されたページ (->オリジナル) /