From owner-freebsd-questions@FreeBSD.ORG Sun Oct 30 17:58:50 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CDE1016A41F for ; Sun, 30 Oct 2005 17:58:50 +0000 (GMT) (envelope-from maxsec@gmail.com) Received: from xproxy.gmail.com (xproxy.gmail.com [66.249.82.199]) by mx1.FreeBSD.org (Postfix) with ESMTP id 41BCE43D45 for ; Sun, 30 Oct 2005 17:58:49 +0000 (GMT) (envelope-from maxsec@gmail.com) Received: by xproxy.gmail.com with SMTP id s13so375213wxc for ; Sun, 30 Oct 2005 09:58:49 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=FhqlxApumYXSKAX6xvz2YmT+Xp1F25rOGxYfBJnLHAL/tjle01d6A7YEVC3FVdsHLaJHlAAv4zdeK0Bw/e+KmLO5JhlYmnQdCSBSIyrd+XGdG3+ZZA41jWTj1oT62PwJftG1H4DsoquavSmXnJdj5exZrKlYzPg1nRXH9+hz0jQ= Received: by 10.70.128.10 with SMTP id a10mr1349852wxd; Sun, 30 Oct 2005 09:58:49 -0800 (PST) Received: by 10.64.209.20 with HTTP; Sun, 30 Oct 2005 09:58:19 -0800 (PST) Message-ID: <72cf361e0510300958w33bf3u3f754e68794b858d@mail.gmail.com> Date: Sun, 30 Oct 2005 17:58:19 +0000 From: Martin Hepworth To: Csaba Henk In-Reply-To: <20051030134902.GG2911@beastie.creo.hu> MIME-Version: 1.0 References: <20051030134902.GG2911@beastie.creo.hu> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: backup strategies X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Oct 2005 17:58:50 -0000 Hi On 10/30/05, Csaba Henk wrote: > > Hi! > > We plan to set up a backup server. > > While the basic backup procedure is clear -- use some archiving utility > like dump, tar, or cpio and send data to the backup server via ssh or a > network mount -- there are many details which are unclear for me. > > The two biggest problems are: > > 1) What parts are to be backed up? If I backup the whole system, the > backup disk will get full soon. You could say it's not necessary, and > that only the valueable data should be backed up (and not those parts > which are easy to re-create by means of a new installation). But, say, > someone breaks into the machince. How could I reliably find out the > Achilles heel she used to get in if I don't have a complete system > backup? Or if she has a backdoor left behind? Depends on what the risk you trying to mitigate with backup. Think of the problems and how you would get around them. There are file consistency util= s you can run to see if root-kits etc have been installed. 2) How to schedule backups? I guess services should stop for the backup > period as the backup could be unreliable or inconsistent if disk/file > writes were going on during backup. It sounds as if I should drop to > single user mode. Or is there a less drastic approach? And if I dropped > to single user mode, I would lose control over the box for that period, > as the box is accessed via ssh and sshd is also stopped in single user > mode -- this sounds scary... With FreeBSD 5.x and later you can snapshop the filesystem then use a special 'dump' to backup that snapshot to the backup machine. have a look at amanda and bacula for how they handle this and do some research on different backup strategies and their risks and benfits wrt to Unix systems - theres lots out there.. -- Martin TYA. > > -- > Csaba Henk > > My sense of humour is often too subtle to cope with getting smileyd. > Please don't take it personal. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" >