In this configuration untrusted guests are given full root access to their xen domU
I currently have arptable and ebtable rules in the dom0 to make arp spoofing from a domU a little more difficult.
domU# ifconfig
eth0 Link encap:Ethernet HWaddr 01:02:03:04:05:06
inet addr:123.123.123.123 .......................
dom0# arptables -L
-j ACCEPT -s nlnog.nmsrv.com --src-mac 01:02:03:04:05:06 --opcode Reply
-j ACCEPT -s nlnog.nmsrv.com --src-mac 01:02:03:04:05:06 --opcode Request
dom0# ebtables -L
-p IPv4 -o vif5.0 --ip-dst 123.123.123.123 -j ACCEPT
-p IPv4 -i vif5.0 --ip-src 123.123.123.123 -j ACCEPT
-p IPv4 -o vif5.0 -j DROP
-p IPv4 -i vif5.0 -j DROP
I am looking for recommendations how to protect against domU nd spoofing.