e.schuele at computer.org
Sun Oct 30 11:23:47 PST 2005
Martin Hepworth wrote:
> On 10/30/05, Csaba Henk <csaba-ml at creo.hu> wrote:
>>We plan to set up a backup server.
>>While the basic backup procedure is clear -- use some archiving utility
>>like dump, tar, or cpio and send data to the backup server via ssh or a
>>network mount -- there are many details which are unclear for me.
>>The two biggest problems are:
>>1) What parts are to be backed up? If I backup the whole system, the
>>backup disk will get full soon. You could say it's not necessary, and
>>that only the valueable data should be backed up (and not those parts
>>which are easy to re-create by means of a new installation). But, say,
>>someone breaks into the machince. How could I reliably find out the
>>Achilles heel she used to get in if I don't have a complete system
>>backup? Or if she has a backdoor left behind?
> Depends on what the risk you trying to mitigate with backup. Think of the
> problems and how you would get around them. There are file consistency utils
> you can run to see if root-kits etc have been installed.
> 2) How to schedule backups? I guess services should stop for the backup
>>period as the backup could be unreliable or inconsistent if disk/file
>>writes were going on during backup. It sounds as if I should drop to
>>single user mode. Or is there a less drastic approach? And if I dropped
>>to single user mode, I would lose control over the box for that period,
>>as the box is accessed via ssh and sshd is also stopped in single user
>>mode -- this sounds scary...
> With FreeBSD 5.x and later you can snapshop the filesystem then use a
> special 'dump' to backup that snapshot to the backup machine.
dump(8) will create a snapshot of a live filesystem, dump the snapshot
and then remove the snapshot, if given the correct flags ('-L').
> have a look at amanda and bacula for how they handle this and do some
> research on different backup strategies and their risks and benfits wrt to
> Unix systems - theres lots out there..
>>My sense of humour is often too subtle to cope with getting smileyd.
>>Please don't take it personal.
>>freebsd-questions at freebsd.org mailing list
>>To unsubscribe, send any mail to "
>>freebsd-questions-unsubscribe at freebsd.org"
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions