[Box Backup] BoxBackup as a security tool
Ben Summers
boxbackup@fluffy.co.uk
Thu, 16 Dec 2004 17:07:36 +0000
On 16 Dec 2004, at 17:01, Per Thomsen wrote:
> On 12/16/04 8:21 AM, Joe Krahn wrote:
>
>> I was just looking at some security stuff for intrusion monitoring by
>> tools like Tripwire and AIDE, and realized something: BoxBackup does
>> file change monitoring, AND stores the filesystem state on a remote
>> machine which could be configured for boxbackup access but not login
>> access.
>>
>> This means that boxbackup could easily be a superior file-change
>> monitoring system without much effort. Also, backups and intrusion
>> monitoring are the two most neglected-but-important tools. Add a few
>> security monitoring features to boxbackup, and you cover both at
>> once.
>>
>> All in favor? opposed?
>
> I'm opposed. Boxbackup is a backup tool, and should keep its focus IMO.
I agree with this -- there are too many ways in which the behaviour of
Box Backup could be subverted to make the potential intrusion detection
useless.
Also, I like the UNIX philosophy of a tool doing just one thing, but
doing that thing the best that it possibly can.
Ben