Re: Encrypting/emailing logs and configs
On Wednesday, 30 October 2002, at 13:07:31 -0500,
Sean McAvoy wrote:
> I was looking at configuring a few of my VPN/Firewall systems to send me
> daily backups of vital config files, and selected log files. I was
> wondering what would be the easiest method of accomplishing this? I was
> thinking something along the lines of just tar/bzip and then gpg to
> encrypt. What other possibilities are there? And has anyone else setup
> something similar?
>
Maybe the followinf is too ad-hoc for your liking, but should work ok
and be reasonably easy to setup, apart from being quite secure IMO. I am
thinking about "rsync" over "ssh", initiated from the destination backup
server to the "production" VPN/Firewall machine.
"rsync" does wonders updating trees of files in an optimal (bytes
transferred wise) way. Running over "ssh", provides you with an
encrypted (and if using RSA keys authentication) authenticated
connection. Sync the times in the backup server and the firewall with
(for example) ntp o ntpdate, and create a cron job in the backup server
to initiate the backup at a certain time of the day. If both boxes are
synchronized, you could also have your iptables firewall on the
VPN/firewall box be updated to allow this backup at exactly the time of
the day you have configured.*
If the backup script, when finished, return the remote firewall ruleset
to the original state, your "vulnerability" window will be even shorter.
I hope to have explained myself in an understandable way ;-)
--
Jose Luis Domingo Lopez
Linux Registered User #189436 Debian Linux Woody (Linux 2.4.19-pre6aa1)
Reply to: