Security thoughts about running XenServer on a dedi
Have a dedicated server and noted that I can reinstall with various flavors of linux or windows but also with XenServer. I have managed XenServers on premise before but never really thought about having control of one for a dedi. I usually just have VPS.
Obviously need more IPs but that's not a big deal.
My concern was more with security. On a linux VPS/dedi I can run even simple stuff like fail2ban/denyhost, etc to help limit the jerks. I can probably even run on those on XenServer as well.
I was just thinking more about the Citrix XenServer level vulnerabilities that come out as well as the remote administration. I guess I could use hosts.deny and hosts.allow to restrict everyone except me but naturally I'm on a dynamic IP most of the time so that's difficult unless I login through remote KVM and update that stuff as needed (PITA).
I don't have the ability to create a VPN or that would solve the whole problem.
Just figured I would ask if anyone else is running XenServer on a dedi and if you are what you can do to lock it down, etc.
I would be cool to have XenServer and then multiple VMs as I can easily see benefits for me but not if the risk is too great. I'll just stick with my normal linux stuff and buy another VPS/dedi if XenServer just doesn't make much sense.