viewtopic.php?f=41&t=5957
Since that time, my system has evolved, and I have added a large NAS to my network which gives me a lot of space for backups and whatever else. However, I still use the same basic system for backups, except I now backup twice - once to another HD on my workstation, and a separate backup to an iscsi share on the NAS.
Also since the time of that post, the malware threat has evolved substantially - and there are now some successful attacks against Linux systems. One of the most important recommendations for backing up is that there must be an offline backup as a defense against malware; should malware encrypt or delete all your online backups, you are screwed if you don't have an offline backup. Well, all my backups are online except for that USB hard drive that I plug in from time to time to get an offline backup. I have been dealing with the "online" issue by using very restrictive permissions on the NAS copy of the backup; unless an attacker gets root, that backup will be safe.
Then, a week ago, I read this article: http://www.techspot.com/news/64474-man- ... -line.html
Now, having just pulled the article up, I see it has been updated to indicate the original issue was a hoax, but when I first read it a week ago, I believed it. For the man to have deleted his entire hosting company like that would have involved a LOT of mistakes, but it is possible. And I concluded that, if I should somehow manage to enter rm -rf / as root, I would in fact delete my entire system including all current backups...which would not be good.
So, I decided to eliminate the risk. Last weekend I built a script that lets me make a full backup to an offline server. The server is connected to my LAN, and this script creates a mountpoint (in /root), mounts an NFS share on the offline server, does the backup (taking what I want from the backup on my NAS), dismounts the share, and deletes the mountpoint. To guard against the possibility that this script mounts this offline backup at the same time that some malware is in process of deleting or encrypting my files (thus making the offline backup vulnerable) I have placed "canary files" on the root of every volume of my system. These files (named files.txt and containing the string "file is OK") are all identified, tested, and found to be intact before the script proceeds.
This is a paranoid mechanism that assumes that at some point my systems will be cracked, or I will make a serious blunder. This protects me against every external threat except the cracker who obtains root and lurks in my system undetected (and I don't believe that could happen...I would detect them).
Here is the script:
- Code: Select all
#!/bin/bash
fileOK=1
for usefile in /mnt/sda1/okay.txt /mnt/sdb1/okay.txt /okay.txt /mnt/sdc5/okay.txt /mnt/sdd5/okay.txt /mnt/NAS/okay.txt /mnt/Video/okay.txt
do
if [ -r $usefile ]; then
while IFS='' read -r line || [[ -n "$line" ]]; do
if [ "$line" != "file is OK" ]; then
fileOK=0;
fi
done < "$usefile";
else
kdialog --msgbox "Dofinalbackup: File $usefile not found or not readable."
fileOK=0;
fi
done
if [ "$fileOK" -eq 1 ]; then
mkdir /root/final
mount -t nfs -o rsize=32768,wsize=32768,soft,nosuid,noacl,noauto,nofail 192.168.0.27:/mnt/VD01/Final.bak /root/final
mounted=0
mnts=`mount -t nfs`
if [ -n "$mnts" ]; then
for mnt in $mnts
do
if [ "$mnt" == "/root/final" ]; then
mounted=1;
break;
fi
done
fi
if [ "$mounted" -eq 1 ]; then
rsync -az --delete /mnt/NAS/stuff /root/final/
rsync -az --delete /mnt/NAS/Archival_Backups /root/final/
rsync -az --delete /mnt/NAS/Iso_files /root/final/
rsync -az --delete /mnt/NAS/GalaxyS5 /root/final/
rsync -az --delete /mnt/NAS/Music /root/final/
rsync -az --delete /mnt/NAS/vmware /root/final/
rsync -az --delete /mnt/NAS/wkstation /root/final/
rsync -az --delete /mnt/NAS/old_backups /root/final/
rsync -az --delete /mnt/NAS/back/backup0 /root/final/back/
rsync -az --delete /mnt/NAS/homeback/backup0 /root/final/homeback/
fi
fi
umount /root/final
rmdir /root/final