Where would you look for such services?
Would you let my Qube, which is supposed to connect to only one IP address on the internet, be based on an extra firewall-vm? Would that more secure?
In the Qube settings for the services there is the service "disable-default-route". I have not found anything about what it does. In my case, would it be better to leave it on or turn it off?
Thank you for your reply and all the best
Michael Singer
> Disable all unnecessary services in the qube - that means almost all of
> them.Where would you look for such services?
Look to see what's running in the template/qube.
Would you let my Qube, which is supposed to connect to only one IP address on the internet, be based on an extra firewall-vm? Would that more secure?
You could do this: it would have one particular advantage, in that you
could set custom rules in sys-net to restrict access from that
sys-firewall to the specified IP address.
In the Qube settings for the services there is the service "disable-default-route". I have not found anything about what it does. In my case, would it be better to leave it on or turn it off?
man qvm-service - this service will remove the default gateway entry. So
a qube would be able to access immediate neighbours but not step beyond.
It's not what you want here.