LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 04-27-2010, 07:53 AM   #1
daveginorge
Member
 
Registered: Oct 2006
Location: Porsgrunn, Norway
Distribution: CentOS 5
Posts: 93

Rep: Reputation: 16
NFS Shares over Internet


Hi All

CentOS5.x
We have a auto backup system that rsyncs all our vital data to a backup server over our network. The final step in this is to get the backup server to rsync with one of our remote sites for the off site backup.

We have lately been visited by the boys from .ru and .ro due to good passwords we have managed to keep the visitor out of the network, we also changed out ssh port away from the default for better security.

We would like the backup system to be totally automatic, when I was reading up on the bruteforce attacks I read recommendations that we should have ssh that need passwords to be manually inserted for extra security.

How secure is sharing NFS folders over the internet. we would configure only one host to have access to the share is this enough for us or should we think deeper here.

Advice and ideas would be very welcomed.
 
Old 04-27-2010, 08:33 AM   #2
rizhun
Member
 
Registered: Jun 2005
Location: England
Distribution: Ubuntu, SLES, AIX
Posts: 268

Rep: Reputation: 47
Hi,

Personally, I would never make an NFS share available over the Internet.

You're opening up your server to any insecurities in the NFS protocol and, as NFS is not encrypted, whenever you accessed a file it would be transmitted in plain text through the cloud.

If you already have SSH set-up and secured why not use 'rsync' over SSH?
http://troy.jdmz.net/rsync/index.html

Hope this helps.
 
Old 04-27-2010, 08:34 AM   #3
AlucardZero
Senior Member
 
Registered: May 2006
Location: USA
Distribution: Debian
Posts: 4,566

Rep: Reputation: 510Reputation: 510Reputation: 510Reputation: 510Reputation: 510Reputation: 510
NFS (v3) isn't encrypted, so completely wrong. v4 seems to support encryption, so try asking Google how to do it, and make sure both ends support NFS v4, etc.
 
Old 04-28-2010, 09:05 PM   #4
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5
Posts: 16,086

Rep: Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983
I'd go with rsync over ssh or sshfs
 
Old 05-03-2010, 07:23 AM   #5
daveginorge
Member
 
Registered: Oct 2006
Location: Porsgrunn, Norway
Distribution: CentOS 5
Posts: 93

Original Poster
Rep: Reputation: 16
Thanks for the input guys. I will maybe get back when/if I need help with passwordless ssh
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to automount nfs shares Savita Eli Red Hat 6 08-04-2009 04:17 PM
automount NFS shares Savita Eli Linux - Networking 1 07-24-2009 01:58 PM
automount NFS shares Savita Eli Red Hat 1 07-24-2009 01:57 PM
NFS shares sachinh Linux - Server 3 06-19-2008 03:42 AM
NFS shares not working windsurfer Linux - Software 6 04-10-2007 04:58 AM


All times are GMT -5. The time now is 08:17 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration