[GLLUG] BEST NIX-BASED ROUTER
john at sinodun.org.uk
Wed Jun 16 17:41:07 UTC 2021
On the backups front, I have long felt that for secure backups it is
essential that the backups are driven by the backup server. The backup
server establishes a connection to the live server and backs up what it
is configured to back up. The live server must have no access to the
backup server, nor means to establish a connection to it.
If your backups are driven and controlled from your live server, then as
soon as it is compromised the attacker has the option to modify what
backups happen, or even prevent them entirely. If the live server has
some kind of write access to the backup server then they can go on and
compromise all your existing backups too.
If the backup server is the one initiating the backup but runs no
externally accessible services, then it does a backup when it is
configured to do a backup. If the live server has been compromised to
the point where the backup server can't, then it can report the fact.
No amount of corrupting the files on the live server will affect those
on the backup server.
Of course you still need a suitable cycle of backups so you can go back
as far as is necessary to recover.
I have two backup servers in different locations which do fairly
comprehensive backups each night. When they're not doing that, they're
switched off which makes them even harder to crack into.
Xronos Scheduler - https://xronos.uk/
All your school's schedule information in one place.
Timetable, activities, homework, public events - the lot
Live demo at https://schedulerdemo.xronos.uk/
More information about the GLLUG