[Box Backup] BoxBackup as a security tool
Per Thomsen
boxbackup@fluffy.co.uk
Thu, 16 Dec 2004 09:01:35 -0800
On 12/16/04 8:21 AM, Joe Krahn wrote:
> I was just looking at some security stuff for intrusion monitoring by
> tools like Tripwire and AIDE, and realized something: BoxBackup does
> file change monitoring, AND stores the filesystem state on a remote
> machine which could be configured for boxbackup access but not login
> access.
>
> This means that boxbackup could easily be a superior file-change
> monitoring system without much effort. Also, backups and intrusion
> monitoring are the two most neglected-but-important tools. Add a few
> security monitoring features to boxbackup, and you cover both at once.
>
> All in favor? opposed?
I'm opposed. Boxbackup is a backup tool, and should keep its focus IMO.
Also, at least in the way I use box, it wouldn't help protect me very
much. I don't back up the places that have the greatest potential for
attack: /sbin:/usr/bin:/proc:/lib:/usr/lib etc... I back up data
directories, but not really a lot of the system related stuff.
If you were using box as a 'whole-machine' backup solution, I could see
some merit. I still think this should be low on the priority list.
My $0.02,
Per
--
Per Reedtz Thomsen | Reedtz Consulting, LLC | F: 209 883 4119
V: 209 883 4102 | pthomsen@reedtz.com | C: 209 996 9561
GPG ID: 1209784F | Yahoo! Chat: pthomsen | AIM: pthomsen