On Mon, Mar 13, 2017 at 08:58:15PM -0700, David Christensen wrote: > On 03/13/2017 05:38 AM, Dan Purgert wrote: > >Currently, the system here is > > > > - every PC has a cronjob backing up $HOME to a central "server" (read - > > repurposed PC with decent WD drives), just an rsync script that runs > > daily. > > Don't forget security: > > 1. With a "push" arrangement (e.g. each workstation backs up itself to the > server) -- if a workstation gets compromised, the backups are at risk. > > 2. With a "pull" arrangement (e.g. the server backs up all the > workstations) -- if a workstation gets compromised, the backups should be > safe (and might have clues about the intrusion). Additionally, the backup > server can be completely firewalled (e.g. no open ports).
My understanding is that if there are no services listening on a port then it cannot be accessed. e.g. http://serverfault.com/questions/733633/if-no-service-is-listening-on-a-port-can-a-system-still-be-accessed-using-that-p An I missing something? -- The media's the most powerful entity on earth. They have the power to make the innocent guilty and to make the guilty innocent, and that's power. -- Malcolm X
