[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Multisystem backup



On Wed, Nov 03, 1999 at 11:09:26PM -0500, tps@major.pita.org wrote:
> On Wed, Nov 03, 1999 at 06:21:39PM -0500, Jaysen O'Dell wrote:
> > Ok I finally need to build a central backup "server". Looking at
> > utilizing an old p233 w/64Mram, 10bT NIC and an 8GB HD w/ the spud for
> > our deb release. Here are the concerns that I have:
> > 
> > 1) Is NFS a good idea? I am nervous about the obvious solution of NFS
> > mount then tar the files. security is the obvious concern but what about
> > locking and access.
> 
> No, unless you block it at your router, and you are reasonably sure
> you don't have sniffers on your net. A switched net helps.

A switched net might help, but it is not a 100% safe solution,
security-wise.  There's been a thread on Bugtraq regarding sniffing in
switched networks (sorry, I don't have a handy url).

As always, you need to balance the cost of the safety measures with the cost
of data you're trying to protect.  For example a VLAN capable switch might
be safer, but also more expensive.  Of course, to avoid sniffing, you might
just remove any machines you cannot control from the sensitive network.  Add
a well configured firewall and you should be safe enough.



Cheers,
---------------------------------------------------------------
Andrei D. Caraman			phone: +40 (1) 2050 637
Network Engineer			  fax: +40 (1) 2050 655
Mediasat SA			       mobile: +40 (94) 385 186 


Reply to: