[PLUG] A server that isn't
Rich Burroughs
rich at paranoid.org
Sat Dec 4 20:40:39 UTC 2004

Charles Sliger wrote:
> I haven't heard of a backup server like this, but it certainly could be
> done.
> Why the DOS attack concerns? Is this system on the internet?

It sounds like it. That would be an alternate strategy, to set up a
second, private network that the backups happen over. That would work if
the boxes are all on the same network.

Keith, I can understand the paranoia about services running, you never
want to do that if you don't need them, but in this kind of situation I
would be more likely to run sshd on the backup server and just rsync
through that from the clients when needed, rather than have all that
polling going on. Yes, it's a service running that is a potential source
of danger, but there haven't been many big problems with OpenSSH. I
think that code is being scrutinized pretty closely, and if a problem is
found you know there will be a patch coming quickly.

And as I think you hint at in your original email, the clients will have
sshd running in the plan you propose, so if a hole in it crops up then
the data is still vulnerable on the client boxes themselves. It's a
problem you'll need to deal with in any case.

You could configure sshd so it only accepts connections from the client
IPs, and set up redundant iptables rules to do the same things. I think
that's a pretty secure setup.

One of the books I read a long time ago used the metaphor of a seesaw,
with security on one end and convenience on the other. You always need
to strike that balance based on your own situation, and the value of the
data you need to protect.

Rich
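
The sshd restriction and the redundant iptables rules suggested in the message above, generated from one client list so the two layers cannot drift apart. This is an added example, not part of the original post: the addresses (documentation range 192.0.2.0/24), the `backup` account, port 22 and the INPUT chain are assumptions, and the script only prints the settings for review without applying them.

```shell
#!/bin/sh
# Added example: emit matching sshd and iptables restrictions from one list.

# Constructed sample values (documentation addresses, hypothetical account).
CLIENTS="192.0.2.10 192.0.2.11 192.0.2.12"
BACKUP_USER="backup"

# Accept only a literal dotted-quad IPv4 address, so a range, a hostname or a
# typo in the list can never widen either rule set.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# sshd_config line: only BACKUP_USER may log in, and only from listed clients.
sshd_allow_line() {
    [ -n "$CLIENTS" ] || { echo "client list is empty" >&2; return 1; }
    line="AllowUsers"
    for ip in $CLIENTS; do
        valid_ipv4 "$ip" || { echo "bad client address: $ip" >&2; return 1; }
        line="$line $BACKUP_USER@$ip"
    done
    printf '%s\n' "$line"
}

# iptables commands: accept port 22 from each client, then drop everyone else.
iptables_rules() {
    [ -n "$CLIENTS" ] || { echo "client list is empty" >&2; return 1; }
    for ip in $CLIENTS; do
        valid_ipv4 "$ip" || { echo "bad client address: $ip" >&2; return 1; }
        printf 'iptables -A INPUT -p tcp -s %s --dport 22 -j ACCEPT\n' "$ip"
    done
    printf 'iptables -A INPUT -p tcp --dport 22 -j DROP\n'
}

sshd_allow_line
iptables_rules
```

The `AllowUsers` line belongs in `sshd_config` on the backup server; the ACCEPT rules must stay ahead of the final DROP for the filter to behave as printed.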