Amanda-Users

Re: How to backup the firewall host itself?

2003-09-19 14:49:38
Subject: Re: How to backup the firewall host itself?
From: Bruno Negrão <bnegrao-amanda AT engepel.com DOT br>
To: "Eric Siegerman" <erics AT telepres DOT com>, "amanda users" <amanda-users AT amanda DOT org>
Date: Fri, 19 Sep 2003 13:05:30 -0300
Wow, hi Eric. What you're saying is important. There are some mitigating
factors here that I'd like to know from you how mitigating
you think they are.

> An intruder who takes over a machine on the DMZ can use it to
> stage attacks on the firewall.  Because you've opened up ports on
> the firewall to accept Amanda-related connections from the DMZ
> Amanda server, you've given the intruder more ports to attack.
Although the Amanda server is on the DMZ, it does not have services available
for Internet users. So, it's less exposed to hackers.
Besides, the DMZ hosts all have internal IP addresses. They access the Internet
through a NAT firewall; this means that the external
world doesn't know about the existence of my internal Amanda server.
What I consider a mitigating factor here is that this Amanda server is
difficult to discover.

> Worse yet, because you have an Amanda client on the firewall,
> configured to accept connections from the DMZ server, an intruder
> can exploit any security problems (buffer overruns etc.) in
> Amanda itself!
The only port on which the firewall accepts INPUT packets for Amanda jobs is UDP
port 10080, and only if they come from the Amanda server's IP.
All the remaining necessary ports are controlled by the ip_conntrack_amanda
iptables helper module that I'm using on my firewall
machine.
Thus, the only way into the firewall is over UDP port 10080.

> It seems to me to be *much* safer to put the Amanda server on
> your internal network and have it reach *out* through the
> firewall to the DMZ machines.  (You still weaken your firewall's
> security this way, but not nearly as much, because the Amanda
> server itself is now much less subject to attack.)
See, I think my server is very close to the situation you suggested here.
What do you think about it?

Thanks for your time,
Bruno Negrão


>
> --
>
> |  | /\
> |-_|/  >   Eric Siegerman, Toronto, Ont.        erics AT telepres DOT com
> |  |  /
> When I came back around from the dark side, there in front of me would
> be the landing area where the crew was, and the Earth, all in the view
> of my window. I couldn't help but think that there in front of me was
> all of humanity, except me.
> - Michael Collins, Apollo 11 Command Module Pilot
>
>


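The two layouts discussed in this message, as an added shell example that is not from the thread or from the Amanda project: Bruno's setup (the firewall host is an Amanda client, amandad's UDP 10080 accepted only from the DMZ server's address, the follow-up TCP connections handled by the ip_conntrack_amanda helper) and Eric's alternative (the server on the internal network reaching out through the firewall to DMZ clients). Addresses, interface names and the function names are assumed placeholders. The script emits the rules as text so they can be reviewed before being applied, and includes a small check that every ACCEPT for amandad's port is tied to both an interface and a source address, since a bare `--dport 10080 -j ACCEPT` would expose amandad to every DMZ host.

```shell
#!/bin/sh
# Added example (not from the mailing-list thread). All values below are
# assumed placeholders for illustration.
AMANDA_SERVER_DMZ="${AMANDA_SERVER_DMZ:-192.168.1.10}"  # assumed: server address in Bruno's layout
AMANDA_SERVER_LAN="${AMANDA_SERVER_LAN:-10.0.0.10}"     # assumed: server address in Eric's layout
DMZ_IF="${DMZ_IF:-eth1}"                                # assumed: firewall interface facing the DMZ
LAN_IF="${LAN_IF:-eth2}"                                # assumed: firewall interface facing the LAN
DMZ_NET="${DMZ_NET:-192.168.1.0/24}"                    # assumed: DMZ subnet holding the clients
AMANDA_UDP_PORT=10080                                   # amandad's well-known UDP port

# Layout 1 (Bruno's): the firewall host itself runs amandad. The UDP request is
# accepted only from the server's address arriving on the DMZ interface. The TCP
# data/mesg/index connections the server opens next are matched as RELATED: the
# ip_conntrack_amanda helper reads the port numbers out of amandad's UDP reply
# and registers expectations for them, so no static TCP ports need opening.
firewall_as_client_rules() {
    cat <<EOF
modprobe ip_conntrack_amanda
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i ${DMZ_IF} -p udp -s ${AMANDA_SERVER_DMZ} --dport ${AMANDA_UDP_PORT} -m state --state NEW -j ACCEPT
iptables -A INPUT -p udp --dport ${AMANDA_UDP_PORT} -j DROP
EOF
}

# Layout 2 (Eric's): the server sits on the internal LAN and reaches out to
# clients in the DMZ, so the firewall only forwards traffic; nothing in the DMZ
# may initiate a connection towards the server.
internal_server_forward_rules() {
    cat <<EOF
modprobe ip_conntrack_amanda
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i ${LAN_IF} -o ${DMZ_IF} -p udp -s ${AMANDA_SERVER_LAN} -d ${DMZ_NET} --dport ${AMANDA_UDP_PORT} -m state --state NEW -j ACCEPT
iptables -A FORWARD -p udp --dport ${AMANDA_UDP_PORT} -j DROP
EOF
}

# Review check: reads a rule set on stdin and fails (exit 1) if any ACCEPT for
# amandad's port lacks an interface match (-i) or a source match (-s).
check_scoped() {
    awk -v port="$AMANDA_UDP_PORT" '
        /-j ACCEPT/ && $0 ~ ("--dport " port "( |$)") {
            if ($0 !~ /-i / || $0 !~ /-s /) bad++
        }
        END { exit (bad ? 1 : 0) }'
}

case "${1:-}" in
    "")      ;;                                  # sourced or run without args: define only
    client)  firewall_as_client_rules ;;         # print layout 1 for review
    forward) internal_server_forward_rules ;;    # print layout 2 for review
    apply)   firewall_as_client_rules | check_scoped && firewall_as_client_rules | sh ;;
    *)       echo "usage: $0 client|forward|apply" >&2; exit 2 ;;
esac
```

Run `sh amanda-fw.sh client` to print the rule set and `sh amanda-fw.sh apply` (as root) to load it after the scoping check passes. Two caveats worth keeping in mind: the source-address match only proves the packet claims to come from the server, so a compromised host on the same DMZ segment can still forge that address for the UDP request (it will not see the reply, but the datagram does reach amandad); and on kernels from 3.5 onward the module is nf_conntrack_amanda, automatic helper assignment is off by default (sysctl net.netfilter.nf_conntrack_helper=0), and the helper must be attached explicitly with a raw-table rule such as `iptables -t raw -A PREROUTING -p udp --dport 10080 -j CT --helper amanda`, while `-m state --state` is now a compatibility alias for `-m conntrack --ctstate`.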