I am currently running a Proxmox 2.0 configuration on a single server. My hardware firewall is currently on backorder, and has still not arrived, so I am taking the time to examine the ports that need to be protected.
Currently, there are two interfaces, vmbr0 and vmbr1, and they are set up like this.
vmbr0: WAN
- ClearOS Firewall which binds a number of public IP addresses
vmbr1: Internal LAN
- ClearOS Firewall, which all applications are piped through courtesy of DHCP.
- VM1
- VM2
- etc
The weird thing is that when running netstat on the Proxmox host, I have noticed lots of entries like
Code:
*:mysql
*:http
Does this mean that all these listeners are glomming onto all the IPs on the Proxmox host?
I have already restricted the main Proxmox IP, only allowing the web interface and VNC ports through - is that enough, or should I be worried about listeners randomly glomming onto other IP addresses that are attached to vmbr0?
The host runs a combination of KVM and OpenVZ VMs.
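Added example, not part of the original post: a Python script that reads netstat-style output and separates listeners bound to the wildcard address (printed as `*`, `0.0.0.0` or `::`, meaning every address configured on the host itself) from loopback and single-address binds, then lists the wildcard ones that are not on a firewall allow-list. The sample lines, the documentation-range addresses and the allow-list ports are constructed for illustration.

```python
import ipaddress

# Constructed sample in the column layout netstat prints for TCP sockets.
# Addresses are documentation ranges, not values from the post.
SAMPLE = """\
Proto Recv-Q Send-Q Local Address      Foreign Address     State
tcp        0      0 *:mysql            *:*                 LISTEN
tcp        0      0 *:http             *:*                 LISTEN
tcp        0      0 127.0.0.1:25       0.0.0.0:*           LISTEN
tcp        0      0 192.0.2.10:8006    0.0.0.0:*           LISTEN
tcp6       0      0 :::22              :::*                LISTEN
tcp        0      0 192.0.2.10:5900    198.51.100.7:51234  ESTABLISHED
"""

WILDCARDS = {"*", "0.0.0.0", "::", "[::]"}  # "any local address" spellings


def bind_scope(host):
    """Classify a local bind address as wildcard, loopback or specific."""
    if host in WILDCARDS:
        return "wildcard"
    try:
        loop = ipaddress.ip_address(host.strip("[]")).is_loopback
    except ValueError:  # non-numeric output, e.g. "localhost"
        loop = host.startswith("localhost")
    return "loopback" if loop else "specific"


def parse_listeners(text):
    """Return (scope, host, port) for every TCP socket in LISTEN state."""
    found = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 6 or not f[0].startswith("tcp") or f[5] != "LISTEN":
            continue
        host, _, port = f[3].rpartition(":")  # last colon splits off the port
        found.append((bind_scope(host), host, port))
    return found


def unexpected_wildcards(text, allowed_ports):
    """Wildcard listeners whose port is not on the firewall allow-list."""
    return [(h, p) for s, h, p in parse_listeners(text)
            if s == "wildcard" and p not in allowed_ports]


if __name__ == "__main__":
    # Assumed allow-list: the web interface and one VNC port.
    for host, port in unexpected_wildcards(SAMPLE, {"8006", "5900"}):
        print(f"listening on every host address: {host}:{port}")
```

To audit a live host, pass the text of `netstat -tln` to `unexpected_wildcards` in place of `SAMPLE`.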