More architecture based than software but... We implemented a complete backup backplane to which everything is connected - web servers, database boxes, etc. The switch all the boxes are connected to, including the backup server, is VLANed in a rather unique way (well, unique to me). Port one, which is the backup server, has a primary VLAN of VLAN1, and is a member of all the other VLAN's. All the other ports on the switch are configured with the individual port having a primary VLAN of VLAN<x> and a member of VLAN1. Basically what this gives is the ability for every box on the backplane to communicate with the backup server, but one box cannot communicate to another box (data is only be sent out via the primary VLAN of a port, but is received on all VLANs that port is a member of). The backup server itself is not connected to the internal network - it is only connected to the backup backplane. Since our corporate email server is one of the servers on the backplane, email notifications and job reports can still be sent from the backup server. Backup agents are all configured to only run on the backup backplane interface. All in all, I'm mostly happy with the security of this. -----Original Message----- From: Geo. [mailto:georgerat_private] Sent: Thursday, March 20, 2003 3:54 PM To: vuln-devat_private Subject: Backup Agents Has anyone ever studied how secure backup agents are in the context of using them on web servers? Seems to me a backup agent is designed to get information (all information) out of a system, so I was wondering if anyone had ever researched how secure the connection between a backup server and a machine running a backup agent is. How hard it would be to exploit the backup agent and that sort of thing. Geo.
This archive was generated by hypermail 2b30 : Tue Mar 25 2003 - 15:52:19 PST