Date: Sun, 4 Jul 2004 03:12:13 +0200 (CEST) From: cpghost <cpghost@cordula.ws> To: gpeel@thenetnow.com Cc: freebsd-questions@freebsd.org Subject: Re: NFS and Backups Message-ID: <20040704011213.AB4694AC36@fw.farid-hajji.net> In-Reply-To: <002301c46153$9302a360$6601a8c0@grant> (gpeel@thenetnow.com) References: <00ba01c460fe$d9cae910$6601a8c0@grant> <40E6FBF2.1060201@mac.com> <002301c46153$9302a360$6601a8c0@grant>
next in thread | previous in thread | raw e-mail | index | archive | help
> > > I have recently decided to use some extra disk space on one of my > servers as > > > backup space. I have NFS client and Servers running OK, but was > wondering how > > > secure it really is. > > > > NFS is not secure at all. If you don't trust the local subnet, don't use > NFS > > there. Certainly don't use NFS across the Internet, unless using a secure > > tunnelling/VPN protocol.... > > So, If I set the exports so that it used 192.168.x.x, and, my managed switch > is only set to alow members of my vlan to use those IPs, I should be OK in > that case? Careful here! If you have a WLAN access point hooked to your switch, you're still vulnerable to war driving. Even if you don't use wireless LAN, you still have to be sure that the client can't be replaced with a rogue machine without you immediately knowing it (it happens in real life more frequently than you think, esp. in big offices with lots of computers). If you could avoid NFS for backups, then by all means, you should try. As said, building reliable backup/restore as well as ad hoc file swapping schemes on top of scp and ssh is a tried and quite secure method. -- Cordula's Web. http://www.cordula.ws/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040704011213.AB4694AC36>