Firewall Wizards mailing list archives
RE: Backup of DMZ Servers
From: "Jason Lewis" <jlewis () jasonlewis net>
Date: Fri, 1 Jun 2001 00:46:13 -0400
I should have added a little more detail, I apologize. Dual NIC's on the servers, strict ACL's on the backup network. Machines that are on separate networks have private connections to the backup server. In this scenario, the backup server is the point of failure. The backup server is hardened and monitored closely for anything strange. I don't like the idea of emailing backups. Nothing about email is secure. Tar and scp would probably be ok.....I need to give that some thought. Part of the reason I am using NetBackup is that I have a tape library with a robot and NetBackup makes managing that thing easier. Jason Lewis http://www.packetnexus.com It's not secure "Because they told me it was secure". The people at the other end of the link know less about security than you do. And that's scary. -----Original Message----- From: firewall-wizards-admin () nfr com [mailto:firewall-wizards-admin () nfr com]On Behalf Of Scott Armstrong Sent: Thursday, May 31, 2001 6:08 PM To: firewall-wizards () nfr com Subject: RE: [fw-wiz] Backup of DMZ Servers
Netbackup to a private backup network. The backup network is not accessible from anywhere, except through a console connection.
If the backup network isn't accessible from anywhere except a console connection, how do the backup clients connect to the backup server? If they have interfaces plugged into the backup network (they must) and the systems are accessible from a network other than the backup network (they will be), then I just hack into any system from one of these other networks and I have access to all of the systems on the backup network. And I don't need to go through a firewall to get to them. I prefer the "tar up the files and scp them to the backup server" method. Scott _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Backup of DMZ Servers Stiennon,Richard (May 31)
- <Possible follow-ups>
- Re: Fwd: Re: Backup of DMZ Servers Michael Brennen (May 31)
- RE: Backup of DMZ Servers Scott Armstrong (May 31)
- RE: Backup of DMZ Servers Jason Lewis (Jun 01)
- Re: Backup of DMZ Servers Adam Shostack (Jun 01)
- RE: Backup of DMZ Servers Jason Lewis (Jun 01)
- RE: Backup of DMZ Servers Marcus J. Ranum (May 31)
- Re: Backup of DMZ Servers poke (Jun 01)
- RE: Backup of DMZ Servers Stiennon,Richard (Jun 01)
- RE: Backup of DMZ Servers Stiennon,Richard (Jun 01)
- RE: Backup of DMZ Servers Jose Nazario (Jun 01)
- RE: Backup of DMZ Servers Crispin Harris (Jun 01)