[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: chkrootkit has me worried!



Quoting Thomas Hochstein (ml@ancalagon.inka.de):

> That is not a good idea in a typical hosting environment; if you push
> your backup and the machine to be backupped is compromised, the
> attacker has access to your backups too because the automatic backup
> process has to have the necessary credentials (unless you want to type
> in the credentials every hour/day/week by hand, which is not very
> feasible). 

Remedy:  If backups are set up cleverly using SSH public keypairs, all the
intruder can do is re-run the backup job.  (You would therefore want to
have backups land on a dedicated filesystem, on the backup target host.)

Details:
"SSH Public-key Process" on http://linuxmafia.com/kb/Security/

-- 
Cheers,             
Rick Moen                 "Anger makes dull men witty, but it keeps them poor."
rick@linuxmafia.com                                   -- Elizabeth Tudor



Reply to: