[Box Backup] BoxBackup as a security tool

Ben Summers boxbackup@fluffy.co.uk
Thu, 16 Dec 2004 17:07:36 +0000

On 16 Dec 2004, at 17:01, Per Thomsen wrote:

> On 12/16/04 8:21 AM, Joe Krahn wrote:
>> I was just looking at some security stuff for intrusion monitoring by 
>> tools like Tripwire and AIDE, and realized something: BoxBackup does 
>> file change monitoring, AND stores the filesystem state on a remote 
>> machine which could be configured for boxbackup access but not login 
>> access.
>> This means that boxbackup could easily be a superior file-change 
>> monitoring system without much effort. Also, backups and intrusion 
>> monitoring are the two most neglected-but-important tools. Add a few 
>> security monitoring features to boxbackup, and you cover both at 
>> once.
>> All in favor? opposed?
> I'm opposed. Boxbackup is a backup tool, and should keep its focus IMO.

I agree with this -- there are too many ways in which the behaviour of 
Box Backup could be subverted to make the potential intrusion detection 

Also, I like the UNIX philosophy of a tool doing just one thing, but 
doing that thing the best that it possibly can.