mixed system backups

Alfred alfred at mazuma.net.au
Thu Jan 3 14:28:33 EST 2002


And never forget defence in depth. Allowing root rsh connections sounds very
dangerous. If the worst happens and your firewall is ever penetrated then
your internal machines will fall amazingly quickly. Use a special user for
the backups, at least then it will limit any attacks.
(and if you think your firewall can't fail, what happens when Joe User puts
a modem on their PC so they can "work from home"....).

----- Original Message -----
From: "Damien Elmes" <resolve at repose.cx>
To: "Kim Holburn" <kim.holburn at anu.edu.au>
Cc: <burn at goldweb.com.au>; <linux at samba.org>
Sent: Thursday, January 03, 2002 2:21 PM
Subject: Re: mixed system backups


> Kim Holburn <kim.holburn at anu.edu.au> writes:
>
> > > > Any pointers - even alternatives to rsh from the more security wise.
> > >
> > >ssh with RSA or DSA keys.
> >
> > Forget it unless you want to have your machines spend 90% of their time
> > encrypting and decrypting.
>
> depends on the speed of the machines. alternative ciphers are also
available,
> some of which trade off some level of encryption but result in a marked
> speedup.
>
> behind a company firewall it's probably not a problem, but if that data
stored
> say, confidential billing information, it would be nice not to have other
> employees have access to it if they're just sitting on the network.
>
> --
> Damien Elmes
> resolve at repose.cx
>





More information about the linux mailing list