backup strategies

Martin Hepworth maxsec at gmail.com
Sun Oct 30 09:58:50 PST 2005


Hi

On 10/30/05, Csaba Henk <csaba-ml at creo.hu> wrote:
>
> Hi!
>
> We plan to set up a backup server.
>
> While the basic backup procedure is clear -- use some archiving utility
> like dump, tar, or cpio and send data to the backup server via ssh or a
> network mount -- there are many details which are unclear for me.
>
> The two biggest problems are:
>
> 1) What parts are to be backed up? If I backup the whole system, the
> backup disk will get full soon. You could say it's not necessary, and
> that only the valueable data should be backed up (and not those parts
> which are easy to re-create by means of a new installation). But, say,
> someone breaks into the machince. How could I reliably find out the
> Achilles heel she used to get in if I don't have a complete system
> backup? Or if she has a backdoor left behind?


Depends on what the risk you trying to mitigate with backup. Think of the
problems and how you would get around them. There are file consistency utils
you can run to see if root-kits etc have been installed.

2) How to schedule backups? I guess services should stop for the backup
> period as the backup could be unreliable or inconsistent if disk/file
> writes were going on during backup. It sounds as if I should drop to
> single user mode. Or is there a less drastic approach? And if I dropped
> to single user mode, I would lose control over the box for that period,
> as the box is accessed via ssh and sshd is also stopped in single user
> mode -- this sounds scary...


With FreeBSD 5.x and later you can snapshop the filesystem then use a
special 'dump' to backup that snapshot to the backup machine.

have a look at amanda and bacula for how they handle this and do some
research on different backup strategies and their risks and benfits wrt to
Unix systems - theres lots out there..

--
Martin


TYA.
>
> --
> Csaba Henk
>
> My sense of humour is often too subtle to cope with getting smileyd.
> Please don't take it personal.
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe at freebsd.org"
>


More information about the freebsd-questions mailing list