How To Prevent Being Hacked Via Backups?
Popsikle writes "A few days ago one of the Web's largest hosting discussion forums was supposedly hacked via their backup servers. From the story: 'We've since learned that this very deliberate, sophisticated and calculated hack against Web Hosting Talk was carried out by gaining access to our offsite backup servers. From our backup servers, the hacker gained access to the WHT db server. The malicious attacker deleted all backups from the backup servers within the infrastructure before deleting tables from our db server. We were alerted of the db exploitation and quickly shut down the site to prevent further damage.' What sort of security do you put on your backup infrastructure? Looking at your backup solution could you be completely taken down by either someone obtaining a backup or accessing your backup servers? What sort of recommendations does everyone have for this not to happen?"
>>What sort of security do you put on your backup infrastructure?
It depends.
I guess it depends how valuable the data is, how current it needs to be. Does it need to be kept secret or simply kept uncorrupted? How fast do you need to access these backups? The harder for you, potentially the more secure.
For starters let's have a copy off-line in a location where the servers are not. Heck, choose another location for more security. I am thinking: A tape and a DVD in a safe with a lock on it. And another somewhere else.
If you really need to keep it safe, commit it all to memory and then shoot yourself in the temple.
Easy, don't do backups! 99% of the world is already way ahead of you on this. Hard drive failure is a myth, anyway.
You see? You see? Your stupid minds! Stupid! Stupid!
If you really need to keep it safe, commit it all to memory and then shoot yourself in the temple.
hey, the guy might NOT be Jewish.
did you consider that?
--
"It is now safe to switch off your computer."
Well done sir. Either way, it'd be a horrible way to parish.
Those Tachikoma will do whatever it takes, especially once they gain individuality.
"Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
I think you need to altar your attitude.
Ahh - My eye!
The doctor said I'm not supposed to get Slashdot in it!
It's a special, copyrighted, variant spelling of soufflé. Apparently it also requires equally special baskets and eggs.
Probably was a former employee who did the job. At work we always joke to make a backdoor, ready to delete all backups in case we get fired. Unfortunately we have fireproof safes and off-site backups...
Too soon?
This is not the funny you're looking for.
Dunno, but our backups are so secure that even the DBAs are usually unable to restore them. We might need this evil hacker to teach them a trick or two.
Christ, you guys are merciless. Next you'll be wanting to nail him to a tree or something.
Jesus, I come here for the intellectual discussion. I didn't expect this kind of Spanish Inquisition.
09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
Keep a 3 day backup and cross your fingers.