Date: Sun, 15 Dec 2002 20:04:31 -0500
From: Mike Tancsa
To: Marcus Reid
Cc: freebsd-isp@freebsd.org
Subject: Re: network backup

At 02:10 PM 12/15/2002 -0800, Marcus Reid wrote:
>On Sun, Dec 15, 2002 at 09:22:06AM -0500, Mike Tancsa wrote:
> > /sbin/dump -0uanf - /usr |gzip -9 | ssh remoteuser@backupserver.example.com dd of=/home/targetdir/root-server-al0.gz
>
>Agreed that dump is the way to go much of the time.. There is something
>that bothers me in your example though. Your backup machine trusts the server,
>and not the other way around. IMHO, the backup machine needs to be one of
>the most trusted machines on your network, like your management workstation.

I agree. However, the target user on the backup server is non-wheel and the session is chrooted into its own directory. If servera is compromised, the attacker can get at the account servera on the backupserver, and that's it.

>It logs into machines below it, and not the other way around. Compromise of
>server X should not allow access to the backups of every machine on the
>network!

Not necessarily. If there is a password compromise on the one server, it does not mean that there is access to all the other accounts on the backup server. Also, if it were done the other way around, only the backup server needs to be compromised to gain access to all the other servers.

How have you designed your backup system that avoids these issues?

         ---Mike
--------------------------------------------------------------------
Mike Tancsa,                                    tel +1 519 651 3400
Sentex Communications,                          mike@sentex.net
Providing Internet since 1994                   www.sentex.net
Cambridge, Ontario Canada                       www.sentex.net/mike
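
Added example, not part of the original message: one way to narrow the per-server account discussed above, so that a key taken from a compromised client can add new dumps on the backup server but cannot read or overwrite earlier ones. The script path, `BACKUP_ROOT`, the key placeholder and the `store_backup` function are assumptions for illustration; `command=` and `restrict` are standard OpenSSH `authorized_keys` options.

```shell
#!/bin/sh
# Forced-command receiver for push backups (added example, hypothetical names).
#
# authorized_keys entry in the client's account on the backup server:
#   command="/usr/local/libexec/backup-recv",restrict ssh-ed25519 <PUBLIC-KEY-PLACEHOLDER> servera
#
# The client then sends only a file name instead of a "dd of=..." command:
#   /sbin/dump -0uanf - /usr | gzip -9 | ssh servera@backupserver root-server-al0.gz

LC_ALL=C; export LC_ALL                        # make the [A-Z] ranges below byte-exact
BACKUP_ROOT="${BACKUP_ROOT:-/home/targetdir}"  # assumed per-account directory

# store_backup NAME: copy stdin into a new file NAME under BACKUP_ROOT.
# Returns 0 on success, 2 for a rejected name, 3 if NAME already exists,
# 4 on any other storage failure.
store_backup() {
    name=$1
    case $name in
        # Reject empty names, dotfiles, path separators and anything
        # outside a conservative character set (no spaces, no shell syntax).
        ''|.*|*/*|*[!A-Za-z0-9._-]*) return 2 ;;
    esac
    [ -d "$BACKUP_ROOT" ] || return 4
    dest="$BACKUP_ROOT/$name"
    umask 077
    # noclobber makes the create fail if the file exists, so an earlier
    # dump can never be truncated or replaced through this account's key.
    ( set -C; : > "$dest" ) 2>/dev/null || return 3
    cat >> "$dest" || return 4
    chmod 400 "$dest"                          # drop write permission on the finished dump
}

# sshd places the client's requested command in SSH_ORIGINAL_COMMAND;
# it is used here purely as a file name and is never executed.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
    store_backup "$SSH_ORIGINAL_COMMAND"
fi
```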