How To Prevent Being Hacked Via Backups?

Popsikle writes "A few days ago one of the Web's largest hosting discussion forums was supposedly hacked via their backup servers. From the story: 'We've since learned that this very deliberate, sophisticated and calculated hack against Web Hosting Talk was carried out by gaining access to our offsite backup servers. From our backup servers, the hacker gained access to the WHT db server. The malicious attacker deleted all backups from the backup servers within the infrastructure before deleting tables from our db server. We were alerted of the db exploitation and quickly shut down the site to prevent further damage.' What sort of security do you put on your backup infrastructure? Looking at your backup solution could you be completely taken down by either someone obtaining a backup or accessing your backup servers? What sort of recommendations does everyone have for this not to happen?"

See also: The classic answer to computer problems

[dmomo]

>>What sort of security do you put on your backup infrastructure?

It depends.

I guess it depends how valuable the data is, how current it needs to be. Does it need to be kept secret or simply kept uncorrupted? How fast do you need to access these backups. The harder for you, potentially the more secure.

For starters let's have a copy off-line in a location where the servers are not. Heck, choose another location for more security. I am thinking: A tape and a DVD in a safe with a lock on it. And another somewhere else.

If you really need to keep it safe, commit it all to memory and then shoot yourself in the temple.

Prevention for exploit via backups

[Junior J. Junior III]

Easy, don't do backups! 99% of the world is already way ahead of you on this. Hard drive failure is a myth, anyway.

Re:See also: The classic answer to computer proble

[TheGratefulNet]

If you really need to keep it safe, commit it all to memory and then shoot yourself in the temple.

hey, the guy might NOT be jewish.

did you consider that?

Re:See also: The classic answer to computer proble

[dmomo]

Well done sir. Either way, it'd be a horrible way to parish.

Re:Prevention for exploit via backups

[dvhh]

even better install Bonzi Buddy on your servers, and better yet discard your firewall, they are for pussies anyway. And who the need those lunix servers, windows 95 "should be enough for everyone"

Re:Tachikoma

[pembo13]

Those Tachikoma will do what ever it takes, especially once they gain individuality.

Re:See also: The classic answer to computer proble

[BluBrick]

I think you need to altar your attitude.

Re:eggs in multiple baskets tsarkon

[wickerprints]

It's a special, copyrighted, variant spelling of soufflé. Apparently it also requires equally special baskets and eggs.

Insider

[chirone]

Probably was a former employee who did the job. At work we always joke to make a backdoor, ready to delete all backups in case we get fired. Unfortunately we have fireproof safes and off-site backups...

Re:See also: The classic answer to computer proble

[dougisfunny]

Too soon?

Can I hire him?

[Anonymous Coward]

Dunno, but our backups are so secure that even the DBAs are usually unable to restore them. We might need this evil hacker to teach them a trick or two.

Re:See also: The classic answer to computer proble

[complete loony]

Christ, you guys are merciless. Next you'll be wanting to nail him to a tree or something.

Jesus, I come here for the intellectual discussion. I didn't expect this kind of Spanish Inquisition.

Re:Easy fix

[asdfghjklqwertyuiop]

You take your harddrive , I'll take my tape. We'll both drop them from four feet to the floor a couple times and then see which one still works.

...At which point we'll observe that the hard drive failed. Then I'll pull out one of the several other copies of it which I was able to make thanks to the large amount of money I saved by not using tape. We'll finish by making a note not to repeatedly throw backup media on to the floor from four feet and conclude that hard drives are a fine backup medium.

Re:See also: The classic answer to computer proble

[Metabolife]

Keep a 3 day backup and cross your fingers.