| Paketname | dtc-xen-firewall |
| Beschreibung | A small firewall script for your dom0 |
| Archiv/Repository | Offizielles Ubuntu Archiv lucid (universe) |
| Version | 0.5.4-1 |
| Sektion | universe/web |
| Priorität | optional |
| Installierte Größe | 84 Byte |
| Hängt ab von | debconf (>= 0.5) | debconf-2.0, debconf, iptables |
| Empfohlene Pakete | |
| Paketbetreuer | Ubuntu Developers |
| Quelle | dtc-xen |
| Paketgröße | 10746 Byte |
| Prüfsumme MD5 | 11908c6705e10323b56cc98b6f5f0cd6 |
| Prüfsumme SHA1 | 717d373c36843da811450999f82ecc158cfde08f |
| Prüfsumme SHA256 | 19ad8f6d104a0d4f3b4b6fd324f7b35a6c92a991b00a73fb14a973a10280b3bf |
| Link zum Herunterladen | dtc-xen-firewall_0.5.4-1_all.deb |
| Ausführliche Beschreibung | If running in a production environment, you might want to have a basic
firewall running on your dom0 to avoid having DoS attack. This is not the
state-of-the-art, but just another attempt to make things a bit more smooth.
Comments and contribution are more than welcome!
.
The main principle of this firewall script is to rate limit connections to
both your dom0 and your VPSes. It's principle is NOT block any connection. For
example, dtc-xen-firewall denies ssh for 300 seconds after 10 attempts on your
dom0, rate limit ping to 5 per seconds on your dom0 and to 50/s globally for
all your VPS, and does the same kind of thing for SYN flood attacks. Take
care, it also blocks any connection to the port 25, as in a normal dom0, you
would install a mail server to send system messages to the administrators, but
you don't want to accept any incoming message.
|