Slashdot Mirror
Arkeia Network Backup Agent Remote Access
hdm writes "The Metasploit Project has published a security analysis of the Arkeia Network Backup Client. Anyone able to connect to TCP port 617 can gain read/write access to the filesystem of any host running the Arkeia agent software. This appears to be an intentional design decision on the part of the Arkeia developers. A long-winded description of this issue, complete with screen shots, demonstration code, and packet captures can be found in the
research article. Arkeia has been credited with being the
first commercial backup product for the Linux platform."
Arcserve is nice. But what about bacula?
http://www.bacula.org/
Backing up from the raw device rarely a good idea. Backups of this nature need to be atomic, so you need to unmount the filesystem, copy it, and then remount it. You will need to keep the FS unmounted for long enough to do a complete copy. A better solution is to provide rôle-based access control (SELinux does this, for example), and create a backup rôle which has read access to all files on mounted filesystems.
I am TheRaven on Soylent News
> For the time being, I guess I'll stick to my proven, open source (free software even) backup solution involving tar, gpg, and ssh.
You aparently either run a limited number of basic backup jobs and/or have plenty of time to write backup scripts, which is not bad as you need something to make yourself look very good at your job.
And FYI Arkeia Light is free (as in "one can use it at no cost"), see arkeia.org.
I agree this is an issue, the best solution I have found is Push Mirroring with this the command that can be run is put in the ssh public key and then the compromised client can only run this specific command.
Check out MKDoc a mod_perl CMS
Here is an instance of the warez-monkies indirectly contributing something useful. PAR2 is essentially a RAID5 type data parity for files. Warezpups use it to add a layer of parity to their hundreds of RAR files (or whatever). If one (or more) RAR's go bad, the parity files can be used to reconstuct the bad file. Much like RAID5 however, there is a space sacrifice for this extra parity layer.
http://sourceforge.net/projects/parchive/
Its frequently used on USENET binaries groups now as well to solve the missing part problems.
I'm sure this exact strategy could be integrated into your backup solution with minimal effort.
I think we'd all enjoy a nice cold beverage. -David Letterman
I ran Arkeia with a large web hosting firm for about 2 years mixed with Linux and Windows machines. We tested the backups extensively before deployment and spent $18,000 with Knox for licenses.
All seemed well until we needed to restore data. The logging indicated a perfect backup, but time and time again our restores were either failing or incomplete. On Windows, it simply wouldn't restore anything.
The solution, according to Arkeia was to purchase an upgrade ($12,000) which would solve all our problems. And since we refused to spend another 15% for a support agreement, that was our only alternative. I don't think so.
Needless to say, we went with someone else. Veritas had a great enterprise solution that worked with Linux and Windows (the server app runs only on Windows) and supports a huge array of tape drives. And it was one-third the price.
I can't definetly recall, but the Veritas agent also has some security peculiarities that raised some eyebrows. If you run any enterprise backup, I guess the answer is to make sure you're firewalled.
In this day and age of cheap disk drives, I wonder if anyone is using USB or Firewire drives and just using those for back-ups. A Lacie 250 gig Firewire drive is <$200.
Have a look at dar (should handle 1-3, and 5) with par2 to get 4.
Actually, even without par2, dar will be able to get all the files except the ones in regions with bad data, IIRC.
By not using tape. rsnapshot going to a sufficiently-large RAID array or drive covers your regular backups, including aging. A separate rsnapshot or rsync can do nicely for offsites, pushing the backups to another server. For enterprises, this approach probably is insufficient, but for smaller firms (e.g., ~70 employees, 5 offices), this works well.
The Busy Coder's Guide to Android Development
>>> On a Windows box however it's not uncommon to see backup utilities running with higher priviledges than the "administrator" account because that's the only way to sidestep things like system file protection and other tricks Microsoft uses to protect the system from abuse.
That is not true.
All you need to read a file system in Windows is the backup privilege. You don't even need to be an adminstrator. So if you have this privilege enabled, you can use the BackupRead API to backup stuff.
Don't try to use the force. Do or do not, there is no try.
On a Windows box however it's not uncommon to see backup utilities running with higher priviledges than the "administrator" account because that's the only way to sidestep things like system file protection and other tricks Microsoft uses to protect the system from abuse
Actually, you'll almost inevitably see backup utilities running as LOCALSYSTEM, which is indeed higher than Administrator, because that's how Windows works.
If a user registers a program to run as a service (note: You must have Administrator-level access to perform this step), then that program will run for all users regardless of who logs on (ideal to ensure that a backup program runs every night), and programs that run in this mode are always LOCALSYSTEM.
It's not a hack or a "trick," that's just how the security model works. But since you've got to be the equivalent of root to install such a program, it's not exactly a problem.