[PLUG] A server that isn't

Rich Burroughs rich at paranoid.org
Sat Dec 4 20:40:39 UTC 2004


Charles Sliger wrote:
> I haven't heard of a backup server like this, but it certainly could be
> done.
> Why the DOS attack concerns?  Is this system on the internet?

It sounds like it. That would be an alternate strategy, to set up a 
second, private network that the backups happen over. That would work if 
the boxes are all on the same network.

Keith, I can understand the paranoia about services running, you never 
want to do that if you don't need them, but in this kind of situation I 
would be more likely to run sshd on the backup server and just rsync 
through that from the clients when needed, rather than have all that 
polling going on. Yes, it's a service running that is a potential source 
of danger, but there haven't been many big problems with OpenSSH. I 
think that code is being scrutinized pretty closely, and if a problem is 
found you know there will be a patch coming quickly.

And as I think you hint at in your original email, the clients will have 
sshd running in the plan you propose, so if a hole in it crops up then 
the data is still vulnerable on the client boxes themselves. It's a 
problem you'll need to deal with in any case.

You could configure sshd so it only accepts connections from the client 
IPs, and set up redundant iptables rules to do the same things. I think 
that's a pretty secure setup.

One of the books I read a long time ago used the metaphor of a seesaw, 
with security on one end and convenience on the other. You always need 
to strike that balance based on your own situation, and the value of the 
data you need to protect.


Rich
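
An added example, not part of the original message: one way to keep the sshd allowlist and the redundant iptables rules described above in step, by generating both from a single client list and checking that they agree. The addresses (RFC 5737 documentation range) and the "backup" account name are constructed assumptions; the script only prints the settings and changes nothing on the host.

```shell
#!/bin/sh
# Added example: build matching sshd and iptables allowlists from one list.
# Constructed values: documentation addresses and a hypothetical "backup"
# account; substitute the real client IPs and user.
CLIENTS="192.0.2.10 192.0.2.11 192.0.2.12"
BACKUP_USER="backup"

# Emit the sshd_config line. AllowUsers takes USER@HOST patterns, so logins
# are limited to this account connecting from these addresses.
sshd_allow_line() {
    line="AllowUsers"
    for ip in $CLIENTS; do line="$line $BACKUP_USER@$ip"; done
    printf '%s\n' "$line"
}

# Emit iptables commands: accept port 22 from each client, drop the rest.
iptables_rules() {
    for ip in $CLIENTS; do
        printf 'iptables -A INPUT -p tcp -s %s --dport 22 -j ACCEPT\n' "$ip"
    done
    printf 'iptables -A INPUT -p tcp --dport 22 -j DROP\n'
}

# Pull the addresses back out of each layer, sorted, one per line.
ips_in_sshd() {
    printf '%s\n' "$1" | tr ' ' '\n' | sed -n 's/^.*@//p' | sort
}
ips_in_iptables() {
    printf '%s\n' "$1" | sed -n 's/.* -s \([^ ]*\) .*-j ACCEPT$/\1/p' | sort
}

# Return 0 only when both layers allow exactly the same set of addresses.
layers_agree() {
    [ "$(ips_in_sshd "$1")" = "$(ips_in_iptables "$2")" ]
}

if layers_agree "$(sshd_allow_line)" "$(iptables_rules)"; then
    echo "# sshd_config:"; sshd_allow_line
    echo "# firewall:";    iptables_rules
else
    echo "sshd and iptables allowlists differ" >&2
    exit 1
fi
```

AllowUsers denies every account it does not list, so any administrative login still needed on the backup server has to be added to that line as well.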




