Re: Multisystem backup
On Wed, Nov 03, 1999 at 11:09:26PM -0500, tps@major.pita.org wrote:
> On Wed, Nov 03, 1999 at 06:21:39PM -0500, Jaysen O'Dell wrote:
> > Ok I finally need to build a central backup "server". Looking at
> > utilizing an old p233 w/64Mram, 10bT NIC and an 8GB HD w/ the spud for
> > our deb release. Here are the concerns that I have:
> >
> > 1) Is NFS a good idea? I am nervous about the obvious solution of NFS
> > mount then tar the files. security is the obvious concern but what about
> > locking and access.
>
> No, unless you block it at your router, and you are reasonably sure
> you don't have sniffers on your net. A switched net helps.
A switched net might help, but it is not a 100% safe solution,
security-wise. There's been a thread on Bugtraq regarding sniffing in
switched networks (sorry, I don't have a handy url).
As always, you need to balance the cost of the safety measures with the cost
of data you're trying to protect. For example a VLAN capable switch might
be safer, but also more expensive. Of course, to avoid sniffing, you might
just remove any machines you cannot control from the sensitive network. Add
a well configured firewall and you should be safe enough.
Cheers,
---------------------------------------------------------------
Andrei D. Caraman phone: +40 (1) 2050 637
Network Engineer fax: +40 (1) 2050 655
Mediasat SA mobile: +40 (94) 385 186
Reply to: