Firewall Wizards mailing list archives

RE: Backup of DMZ Servers

From: Crispin Harris <Harris_C () DeMorgan com au>
Date: Fri, 1 Jun 2001 15:03:50 +1000

I have a "standard" method for backing up firewalls and other dedicated
service systems (such as DNS, IDS, NTP, SecurID).

The initial requirement is to have a standard build (preferably something
that you can stick-in-the-cd and boot cdrom).

A second assumption is that the systems do not log locally. (High volume
transient content is thus sent elsewhere).

Then only backup the configuration and control files. While this varies from
application-to-application, then list is still small enough to get a .tar.gz
onto a floppy disk :-).

This turns into a nice (small), simple (Gauntlet 4-esque) backup mechanism.

The major assumptions are VERY important, because without them, the backup
method does not contain enough information to rebuild an identical system.
The nice thing about this is that the backup is then (almost entirely)
hardware independent. (Small changes might need to be made w.r.t. i/f
names.)

Regards,
        Crispin Harris

-----Original Message-----
From: Marcus J. Ranum [mailto:mjr () nfr com]
Sent: Friday, 1 June 2001 2:22 PM
To: jlewis () jasonlewis net; 'Hartmann, Josef'; firewall-wizards () nfr com
Subject: RE: [fw-wiz] Backup of DMZ Servers


Another trick (depending on how many/often files change on your
DMZ servers) is to just do a
backup incremental dump | compress | uuencode | mail backup@inside

if your mail server is backed up automatically, then you're covered.

mjr.
---
Marcus J. Ranum     Chief Technology Officer, NFR Security Inc.
Work:  http://www.nfr.com
Play: http://www.ranum.com

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards

-----------------------------------------

 This correspondence is for the named person's use only.  It may
 contain confidential or legally privileged information or both.
 No confidentiality or privilege is waived or lost by any
 mistransmission.  If you receive this correspondence in error, please
 immediately delete it from your system and notify the sender.  You
 must not disclose, copy or rely on any part of this correspondence
 if you are not the intended recipient.

 Any views expressed in this message are those of the individual sender,
 except where the sender expressly, and with authority, states them to
 be the views of DeMorgan Pty Ltd.

 This e-mail has been checked for known Viruses. It is the responsibility
 of the receiver to check their system for infected files and any such
 file is deemed not to be the responsibility of DeMorgan.

---------------------------------------------------------

Current thread:

RE: Backup of DMZ Servers Stiennon,Richard (May 31)
- <Possible follow-ups>
- Re: Fwd: Re: Backup of DMZ Servers Michael Brennen (May 31)
- RE: Backup of DMZ Servers Scott Armstrong (May 31)
  - RE: Backup of DMZ Servers Jason Lewis (Jun 01)
    - Re: Backup of DMZ Servers Adam Shostack (Jun 01)
- RE: Backup of DMZ Servers Marcus J. Ranum (May 31)
- Re: Backup of DMZ Servers poke (Jun 01)
- RE: Backup of DMZ Servers Stiennon,Richard (Jun 01)
- RE: Backup of DMZ Servers Stiennon,Richard (Jun 01)
  - RE: Backup of DMZ Servers Jose Nazario (Jun 01)
- RE: Backup of DMZ Servers Crispin Harris (Jun 01)