Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Arkeia Network Backup Agent Remote Access

timothy posted more than 9 years ago | from the security-is-for-dead-people dept.

Security 168

hdm writes "The Metasploit Project has published a security analysis of the Arkeia Network Backup Client. Anyone able to connect to TCP port 617 can gain read/write access to the filesystem of any host running the Arkeia agent software. This appears to be an intentional design decision on the part of the Arkeia developers. A long-winded description of this issue, complete with screen shots, demonstration code, and packet captures can be found in the research article. Arkeia has been credited with being the first commercial backup product for the Linux platform."

Sorry! There are no comments related to the filter you selected.

fp (0, Offtopic)

lord_rob the only on (859100) | more than 9 years ago | (#11734722)

fp

Somebody has to say it (4, Interesting)

Renegade Lisp (315687) | more than 9 years ago | (#11734729)

Well, to state the obvious: Would this problem have survived for so long if Arkeia Network Backup had been open source software?

Large enterprises migrating to Linux now should be careful not to throw away the biggest advantage of their new platform by committing to all sorts of closed source software that happens to run on it.

For the time being, I guess I'll stick to my proven, open source (free software even) backup solution involving tar, gpg, and ssh.

Re:Somebody has to say it (1)

eibon (825176) | more than 9 years ago | (#11734761)

Would this problem have survived for so long if Arkeia Network Backup had been open source software? Well, considering that "This appears to be an intentional design decision on the part of the Arkeia developers", I guess it would.

Re:Somebody has to say it (5, Insightful)

badfish99 (826052) | more than 9 years ago | (#11734784)

No it wouldn't, because people would have spotted the decision at an early stage and told the developers that it was stupid.

With a commercial product, it took someone with a network sniffer to discover this. So it's just a lucky fluke that someone other than the bad guys knows about it.

Re:Somebody has to say it (1)

file-exists-p (681756) | more than 9 years ago | (#11735143)


So it's just a lucky fluke that someone other than the bad guys knows about it.

Sure :) Considering the complexity of the exploit, it is obvious nobody did it before it made the headlines on slashdot.

Come on.

--
Go Debian!

Re:Somebody has to say it (1)

Anonymous Coward | more than 9 years ago | (#11735238)

Insightful? Is that really the closest mod to 'unnecessary answer to rhetorical question'??

Re:Somebody has to say it (1)

Renegade Lisp (315687) | more than 9 years ago | (#11734787)

Well, considering that "This appears to be an intentional design decision on the part of the Arkeia developers", I guess it would.

Haha, point taken. There is no security hole large enough that couldn't be justified by a committed team of developers.

I guess, though, I should have said: Would this problem have gone unnoticed for so long if this had been open source?

Re:Somebody has to say it (1, Redundant)

mirko (198274) | more than 9 years ago | (#11734781)

Linus has another solution [wikiquote.org] :
"Only wimps use tape backup: real men just upload their important stuff on ftp, and let the rest of the world mirror it."

Addendum : (2, Funny)

da5idnetlimit.com (410908) | more than 9 years ago | (#11735268)

"Said Linus Torvald, 10 Minutes before a HDD crash made him lose most personal notes, emails, docs and latest kernel modification his cron job didn't get a chance to duplicate..."

Check it up...

Re:Somebody has to say it (0)

Anonymous Coward | more than 9 years ago | (#11734954)

Actually (TSM) will do the same thing as this product. Probally even better(more mature)

Re:Somebody has to say it (4, Funny)

Eric Giguere (42863) | more than 9 years ago | (#11735048)

if Arkeia Network Backup had been open source software

Well, it kind of is open source software... install it and it opens up your source (and pretty much anything stored on your computer) to anyone who wants it!

Eric
See what headers your browser is sending [ericgiguere.com]

Re:Somebody has to say it (2, Informative)

Donny Smith (567043) | more than 9 years ago | (#11735062)

> For the time being, I guess I'll stick to my proven, open source (free software even) backup solution involving tar, gpg, and ssh.

You aparently either run a limited number of basic backup jobs and/or have plenty of time to write backup scripts, which is not bad as you need something to make yourself look very good at your job.

And FYI Arkeia Light is free (as in "one can use it at no cost"), see arkeia.org.

Re:Somebody has to say it (2, Insightful)

Rich0 (548339) | more than 9 years ago | (#11735361)

Hmm - doesn't look like it fits my bill (a shame - I'be been looking for a better backup solution and have yet to find it).

Here are my requirements:

1. Backups are encrypted.
2. Backup data can be split across media.
3. Backups can use include/exclude criteria.
4. Corrupted backup files are recoverable.
5. Backups are compressed.

I've yet to find anything free which does all of this. Instead I'm using a short shell script combo of tar/bzip/gpg/split which gets the job done, but not elegantly. I'm not 100% sure how successful #4 would be with this setup. I think gpg has some support for corrupted files.

Honestly, I don't care that much about ECC and all that. My main concern with #4 is that if one byte in the backup file is messed up, I don't lose the ability to read everything else in the file. I can tolerate having one file on my system which gets lost in a disaster...

Easy: Use QuickPar or some form of PAR2 (3, Informative)

jvbunte (177128) | more than 9 years ago | (#11735491)

Here is an instance of the warez-monkies indirectly contributing something useful. PAR2 is essentially a RAID5 type data parity for files. Warezpups use it to add a layer of parity to their hundreds of RAR files (or whatever). If one (or more) RAR's go bad, the parity files can be used to reconstuct the bad file. Much like RAID5 however, there is a space sacrifice for this extra parity layer.

http://sourceforge.net/projects/parchive/

Its frequently used on USENET binaries groups now as well to solve the missing part problems.

I'm sure this exact strategy could be integrated into your backup solution with minimal effort.

Re:Somebody has to say it (2, Informative)

nurd68 (235535) | more than 9 years ago | (#11735713)

Have a look at dar (should handle 1-3, and 5) with par2 to get 4.

Actually, even without par2, dar will be able to get all the files except the ones in regions with bad data, IIRC.

Just like Microsoft (-1, Flamebait)

tabkey12 (851759) | more than 9 years ago | (#11734730)

Insecurity (& root privileges) by design...

got root? (2, Insightful)

cgranade (702534) | more than 9 years ago | (#11734734)

Seems to me that the only way to get r/w access to the entire filesystem is if either a) the backup daemon is running as root, or b) if the backup daemon's user or group has r/w access equal to root's. In either case, the sysadmin would have to be on crack to do that. Not that read-only access is OK by any stretch, but just making the point. Oh, and before idiots start saying "see, open source isn't secure," let me remind them that this is a commercial product that was comprimised. If anything, I'd take this as further evidence of the virtues of open source.

Re:got root? (1, Insightful)

pmsr (560617) | more than 9 years ago | (#11734749)

I hate to spoil your party, but how are you going to backup user files if you don't have access to them? It is obvious the backup client has to run as root.

/Pedro

Re:got root? (2, Interesting)

danielrose (460523) | more than 9 years ago | (#11734766)

Perhaps allowing read only access to the physical device, ie /dev/sda, and backing up at a bit level, of course this does not seem to be as economical or easy as backing up individual files... but i may be wrong.

Re:got root? (1)

pmsr (560617) | more than 9 years ago | (#11734777)

For that you don't need Arkeia or any backup software of sorts. If you lose ability to do incremental or differential backups, or even RESTORE files on their location...

/Pedro

Re:got root? (1)

danielrose (460523) | more than 9 years ago | (#11734788)

thats right.. dd or cpio will do the trick.. you could restore files to their location, by mounting the image of the device as a loopback and copying the required file off
of course it is less than elegant..

Re:got root? (1)

mirko (198274) | more than 9 years ago | (#11734909)

If you have access to the physical device, it becomes possible to simulate an FS on top of your data stream... unless it's encrypted, of course.

Re:got root? (2, Informative)

TheRaven64 (641858) | more than 9 years ago | (#11734933)

Backing up from the raw device rarely a good idea. Backups of this nature need to be atomic, so you need to unmount the filesystem, copy it, and then remount it. You will need to keep the FS unmounted for long enough to do a complete copy. A better solution is to provide rôle-based access control (SELinux does this, for example), and create a backup rôle which has read access to all files on mounted filesystems.

Re:got root? (2, Insightful)

cgranade (702534) | more than 9 years ago | (#11734818)

Why not give the daemon read-only access to the source for backups? Seems like it's be a straight-forward enough thing to do.

Re:got root? (1)

pe1rxq (141710) | more than 9 years ago | (#11734873)

You could still access /etc/shadow and get all the passwords. Do a little offline crack and you can ssh back in for some real damage...

Jeroen

Re:got root? (0)

Anonymous Coward | more than 9 years ago | (#11735004)

Easy. Just don't give the backup daemon any permissions on password files. If you're on a small network with few users, big deal if you lose it in a disaster. Just remember to set up your half dozen users again on your new installation. In a large network, you *are* keeping documentation on your users - everything but their passwords - aren't you?

Re:got root? (2, Insightful)

FLAGGR (800770) | more than 9 years ago | (#11735024)

To the second point..

but thats the whole point of the /etc/shadow... passwords... everything else is in the public readable /etc/passwd. In a network with more than 10 users you want to keep a backup of the /etc/shadow somehow.

I hate to spoil yours, but... (1)

aug24 (38229) | more than 9 years ago | (#11735097)

Access requires r/o. The guiding rule of all software dev should be 'no more privs than absolutely necessary'.

Justin.

Re:I hate to spoil yours, but... (1)

fymidos (512362) | more than 9 years ago | (#11735281)

Even so, everyone will be able to read everything.
IMHO you still have a big problem.

Re:I hate to spoil yours, but... (1)

aug24 (38229) | more than 9 years ago | (#11735514)

Yeah, but that's rather the point of a backup system, as one of the parents said! How could you back up the files if you couldn't read them?!

Having weak security is bad, but having write access as well is a mess.

J.

Re:got root? (4, Insightful)

Zocalo (252965) | more than 9 years ago | (#11734759)

It's a piece of backup software, at the very least it needs to have read access to everything it is going to be used to backup. If you are planning on doing a full system backup, that means it needs read access to the whole filesystem or it can't do it's job. That doesn't mean it needs to be running as "root" of course; ideally such a tool would be running with a dedicated user and group. On a Windows box however it's not uncommon to see backup utilities running with higher priviledges than the "administrator" account because that's the only way to sidestep things like system file protection and other tricks Microsoft uses to protect the system from abuse.

Re:got root? (1)

pe1rxq (141710) | more than 9 years ago | (#11734879)

The problem this thing is giving access to everyone without any authentification.....
That is a really bad thing.
You really don't want the whole world to have access to your shadow password file.

Jreoen

Re:got root? (1)

Creepy Crawler (680178) | more than 9 years ago | (#11734957)

Wow, whats this /etc/shadow file? Better grab it to *ahem* back it up.

*runs a permutation-based dict attack on the md5 sums*

Wow, who's this admin running his password as.. Password?

Re:got root? (1)

Renegade Lisp (315687) | more than 9 years ago | (#11734765)

Oh, and before idiots start saying "see, open source isn't secure," let me remind them that this is a commercial product that was comprimised. If anything, I'd take this as further evidence of the virtues of open source.

Errrm, forgive me, but it's a bit hard to grasp the logic in that. Are you saying that the idiots might say: "look, there's a security problem on Linux, so open source isn't secure." And you remind them that this problem is due to some piece of proprietary software that is not open source?

Fair enough (although that kind of logic really sounds weird to me). But be careful to claim "commercial software" is an opposite to "open source". There's lots and lots of "commercial software" that is open source by every accepted definition (e.g. MySQL). The real opposite of "open source" is "closed source", or "proprietary software" (such as Arkeia Network Backup).

Re:got root? (1)

fymidos (512362) | more than 9 years ago | (#11735301)

This is a clear example of a problem that can never exist in opensource projects.
You cannot have this kind of "design decisions" if your code is open...

Re:got root? (1)

mmkkbb (816035) | more than 9 years ago | (#11735546)

Yes, you most certainly can, unless all users run a complete code audit before installing anything from source.

Re:got root? (1)

fymidos (512362) | more than 9 years ago | (#11735694)

>unless all users run a complete code audit

Actually, no. If only *one* user (or developer) gives it a look, people will know.

Re:got root? (0)

Anonymous Coward | more than 9 years ago | (#11734770)

Let me remind them that this is a commercial product that was comprimised.

Wouldn`t the word compromised imply there was security to begin with? From the article: Something still seems to be missing... What happened to authentication? Could those "root" strings somehow be the username and password? The install process for the backup client does not provide an option or utility to set the password. The user manual makes it clear that the root password for the backup server software should be changed, but it doesn't have any information on setting a password for the client side. If the username and password for the agent is "root", why is it being sent in the clear in the first place?

bad issue (1)

progr (861248) | more than 9 years ago | (#11734754)

I cannot undestand how a thing like that could be an "intentional design decision".

I like my backup like I like my hookers: (1)

spectrokid (660550) | more than 9 years ago | (#11734821)

wiiiide open

Microsoft style (1, Offtopic)

yogikoudou (806237) | more than 9 years ago | (#11734755)

"It's not a bug, it's a feature !"

One more strike (0)

Anonymous Coward | more than 9 years ago | (#11734756)

Does anyone else dislike their UI with a passion? At least on the no-cost version of their product... it's unusable. I'd rather throw down cash on ARCserve.

Re:One more strike (3, Informative)

bferrell (253291) | more than 9 years ago | (#11734813)

Arcserve is nice. But what about bacula?

http://www.bacula.org/

Not a bug; it's a feature? (4, Funny)

physicsphairy (720718) | more than 9 years ago | (#11734757)

"This appears to be an intentional design decision on the part of the Arkeia developers."

Does this mean that, possibly, they were anticipating people *not* being able to access TCP port 617? I.e. "we trust you know how to properly configure your firewall."

So far, I can narrow down to either that, them being drunk when they coded this, or this being a case of the improper usage of the word "intentional."

Re:Not a bug; it's a feature? (1)

moz25 (262020) | more than 9 years ago | (#11734774)

I consider closing of unnecessary ports (that is: unnecessary for any remote use) to be reasonable security practice. However, to have it be the only layer of protection is of course rather dubious.

I doubt that "intentional" is correct, but when a security hole is so blatant, the term does come to mind.

Re:Not a bug; it's a feature? (4, Insightful)

Zocalo (252965) | more than 9 years ago | (#11734849)

Even if they were making the somewhat idiotic assumption that all of their users were behind a properly configured firewall, so what? That makes absolutely zero provision for a potential cracker having already circumvented the firewall by other means or even the possibility that they might be an employee. Or haven't they seen any of the reports that a significant amount of computer crime is committed by aggrieved employees?

I don't think it's so much improper usage of the word "intentional" as an incorrect synonym for the term "brain dead".

Re:Not a bug; it's a feature? (1)

prefect42 (141309) | more than 9 years ago | (#11734938)

You're assuming that you have an institutional firewall, but nothing on individual machines. It's not unreasonable to suggest it could be sane to run system firewalls that restrict port access. It's still not sensible having that as the only security on the port though.

Uh... (2, Insightful)

warrax_666 (144623) | more than 9 years ago | (#11734980)

... if the software doesn't need the port to be open on the internal network then why is it open?

Firewalling the port on each indivudual system behind the main firewall would then imply that the software couldn't actually function (for any reasonable definition of the word "function").

Re:Uh... (2, Insightful)

prefect42 (141309) | more than 9 years ago | (#11734992)

Have you never used a firewall? Think filtered not blocked. Configure it such that it'll only allow packets from the backup server to that port. Bingo, job's a goodun.

Re:Uh... (1)

am 2k (217885) | more than 9 years ago | (#11735015)

Configure it such that it'll only allow packets from the backup server to that port.

Well, except that it's easy to switch IP once you're in the right network (that's what Mitnick did, the system was using rlogin/rcp).

Re:Uh... (1)

prefect42 (141309) | more than 9 years ago | (#11735033)

Which is why it was poor that it was the only security measure; I wasn't defending their 'solution', but it's at least a barrier of sorts...

Well, duh, (1)

warrax_666 (144623) | more than 9 years ago | (#11735040)

but how hard is it to take over the IP of another machine? There's a reason people don't do authentication-by-IP (or MAC for that matter).

from the arkeia site (5, Funny)

Dr.Opveter (806649) | more than 9 years ago | (#11734768)

Arkeia.com [arkeia.com]

I was looking for a Client-Server backup system that could offer me the possibility of backing up Unix/Linux and NT Servers on a single tape system.
After long research my choice went to the Arkeia solution, because it has all the benefits I needed. Since then, it runs like a black box, without any need of additional Service.

Tom Weber, IT Manager
RTL TV (Europe)

The backup system running like a black box might not be a good thing here eh?

Re:from the arkeia site (0)

Anonymous Coward | more than 9 years ago | (#11734872)

I bet you're Canadian, eh?

Re:from the arkeia site (4, Insightful)

DingerX (847589) | more than 9 years ago | (#11734915)

I'd say the worse thing here would be being a published user of a system with an "interesting" security hole like that; all of a sudden, a friendly testimonial becomes an advertisement of a vulnerability.

Unless, of course, they've got everything firewalled to tuesday.

Zzzzapp

Nope, metal.

Re:from the arkeia site (1)

Dr.Opveter (806649) | more than 9 years ago | (#11735337)

The testimonials list [arkeia.com] only has a few companies/organisations named, but they say they have 4,000 corporate-class clients. I sure hope Arkeia will notify their customers of this 'extra' product feature.

Specifications (5, Insightful)

Fox_1 (128616) | more than 9 years ago | (#11734799)

It's very frustrating when you find previously unknown and undocumented features in software that you have purchased. I remember having to provide clients with full copies of the specifications and code for software so that they would be able update/repair/modify if I was hit by a bus or something. Security through obscurity is not safety, that should be validated by now simply by the sheer number of stories similar to this Arkeia one. Open Source Software at least has the beauty of the source code being readily accessible so that the user/admin/owner can see what they are installing on their system. This poor guy in the article ended up having to reverse engineer his software to find out the security dangers. Which may be against a law somewhere, ha - putting a backdoor into software you give me not illegal, finding that backdoor - may be me in trouble. I love it.

Re:Specifications (4, Insightful)

TheRaven64 (641858) | more than 9 years ago | (#11734911)

I think your post is probably the best one I've read on Slashdot explaining the benefits of open source, or free, software. It's not about giving the code away to everyone free of charge, it's about ensuring that those people who rely on the code have the ability to modify it.

Re:Specifications (1)

Creepy Crawler (680178) | more than 9 years ago | (#11734945)

---Security through obscurity is not safety

You dont say..

Im choosing a number between 2^0 and 2^69. If you dont get it the first time (or in 56 hours), Im using obscurity to hide the number.

Sheesh, guess you're good at parroting out the line, but security by obscurity does in fact work. Though, obscurity is best effective when mixed with true hardness.

Re:Specifications (3, Insightful)

hunterx11 (778171) | more than 9 years ago | (#11734977)

Obscurity would be hiding the fact that your safety is reliant on a number between 2^0 and 2^69 (as opposed to say, a word). If you do use such a number and don't feel the need to hide this fact, then your security is not through obscurity, it's through hardness.

Re:Specifications (2, Insightful)

Fox_1 (128616) | more than 9 years ago | (#11735093)

Exactly - choosing a number that is hard to guess is security through hardness
not telling me that number even exists would add security through obscurity
The point is though that this software relied on obscurity to protect the built in backdoor, once that obscurity is gone the software doesn't even have something as brillant as a hard to guess number protecting the backdoor.
I call it the jerk arguement
- I can call you a jerk behind your back - security - obscurity
if you hear about it though - i'm hosed
- I can call you a jerk to your face, while holding my louisville slugger
security - Hardness (maple in this case)
(no offense I don't even know you and of course don't mean to suggest anything negative about you, just creating an example)

Re:Specifications (0)

Anonymous Coward | more than 9 years ago | (#11735502)

Ah but someone might have a gun.

Re:Specifications (2, Interesting)

Spoing (152917) | more than 9 years ago | (#11735100)

  1. It's very frustrating when you find previously unknown and undocumented features in software that you have purchased.

Well, for this situation finding a potential problem is easy: Port scan, [insecure.org] security scanner. [nessus.org] Two things that you should be doing on every network enabled device.

The time consuming part comes with the follow up where you check the results of the scans on the local machines [tcpdump.org] and determine if you trust that the exposed services are being handled by secure apps. If in doubt, use an encrypted tunnel or yank the service -- whatever is appropriate. (If neither is an option, determine the danger and try and deal with it as best you can.)

Along with that, setting up a filter to check for supposedly unused ports can catch some clever developers.

Not perfect (it doesn't handle piggybacked dynamic connections on port 80 for example), though it is a good initial test.

Just imagine if this were a Windows app (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11734800)



Just imagine if this were a Windows app - there'd be a long list of "haha, Windows opens up all your data to the world". Ha-ha! (Munce)

The oldest excuse in the book (4, Insightful)

HeghmoH (13204) | more than 9 years ago | (#11734829)

"It's not a bug, it's a feature!"

What a bunch of morons. It's one thing to accidentally write a security hole in your software. It's another thing entirely to claim that you deliberately make it so your software leaves your users' systems wide open to anybody who feels like taking advantage.

Re:The oldest excuse in the book (0)

Anonymous Coward | more than 9 years ago | (#11735679)

It's only the default setting, you ignorant cunt.

A good saying (2, Insightful)

Capt'n Hector (650760) | more than 9 years ago | (#11734836)

Never attribute to malice what is explainable by stupidity. (though the Bush admin. has stretched my imagination...) Though it appears intentional, there is probably a very good explanation for all of this. Needless to say, we'd better be hearing soon from Arkeia as to exactly WHAT that explanation is.

Re: Arkeia Devel smoking pot with Bush (0)

Anonymous Coward | more than 9 years ago | (#11735025)

Evidently, the Arkeia team was taking a
toke of the same stuff George Bush has
now admitted to puffing on.

So much for Christian virtue.

It may have been said before... (5, Funny)

caluml (551744) | more than 9 years ago | (#11734847)

Well, let me be the first to say that I for one welcome our new nmap -sS -PS617 -iR 0 -p 617 -ing overlords.

Security available, just not enabled by default (5, Insightful)

Anonymous Coward | more than 9 years ago | (#11734875)

Arkeia provides both authentication and encryption of the connections - if you enable it. There is a part of the manual that covers how to enable security.

It is indeed bad that it is not enabled by default. On the other hand, enabling authentication of the backup server on the backup clients means that it is slightly harder to set up a backup client.

The problem is not much worse than, say, nfs. (Where impersonating a host can get you everywhere unless authenticated rpc is used.

Re:Security available, just not enabled by default (1)

ananke (8417) | more than 9 years ago | (#11735520)

There are a few differences between NFS and this. First, with NFS you are aware about its limitations and shortcomings right from the start. Nobody hides that. Second, you can still restrict NFS share to be read only. Third, I don't use arkeia, but after quickly glancing at the exploit page, it seems to indicate that there is no way to enable authentication for this.

Already have that feature... (0, Redundant)

timotten (5411) | more than 9 years ago | (#11734887)

Anyone able to connect to TCP port 617 can gain read/write access to the filesystem of any host running the Arkeia agent software. This appears to be an intentional design decision on the part of the Arkeia developers... the first commercial backup product for the Linux platform...

Ha! I've already got a feature just like that, and I didn't even have to pay for my NFS software.

The slashdot community mourns the death of (-1, Offtopic)

conteXXt (249905) | more than 9 years ago | (#11734896)

Hunter S Thompson

Died yesterday. Apparent suicide.

Re:The slashdot community mourns the death of (-1, Offtopic)

FyRE666 (263011) | more than 9 years ago | (#11734968)

Woah! I thought this was just another troll - I just got through reading another of his books too...

SPAM :: Mod Parent Down ! (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11734985)

uuh, can you say "-1 off topic"?

Hunter S Thompson's death, while tragic, has NOTHING (that I am aware of) to do with the topic. You are injecting this comment in order to direct attention away from the topic to another topic that you feel is worthy of notice. but guess what buddy thats called spam afaik and i don't like it in this form any more than i like the offers to have my boobs and penis enlarged.

if you want to leave a memorial to Mr Thompson I am quite sure there are better places to do it.

Re:SPAM :: Mod Parent Down ! (1)

conteXXt (249905) | more than 9 years ago | (#11735478)

my apologies.

building resserves (1)

already_gone (848753) | more than 9 years ago | (#11734910)

as part of the creators' wildly popular planet/population rescue initiative/mandate.

nothing to be afraid of, unless you're inexorably joined at the hype, with unprecedented evile et al.

if that's the case, lookout bullow.

for most of US, all is, not lost/just beginning.

consult with/trust in yOUR creators, (re)defining the 'laws' of physics, gravity, etc..., &, providing more than enough of everything for everyone (without any distracting/spiritdead personal gain motives) since/until forever. see you there?

easy to remember, & no phonIE gadgetry involved:

If my people, which are called by my name, shall humble themselves, and look upwards, and seek my peace, and turn from their wicked ways; then will I hear them, and will forgive their blindness, and will heal their saddened hearts, and their land.

Hum off topic'ish. (5, Insightful)

zijus (754409) | more than 9 years ago | (#11734953)

Hi there.

Well I just dealt recently "simple" backups via rsync + ssh. If you can rsync something from remote onto target with no special protection regarding rsync... If target is compromised, a malicious user can run arbitrary commands through rsync. And rsync server provides full read access to FS. (Well, within user permissions though.) Isn't it a bit the same problem that this software has? I would not be surprised to hear that you can customize the backup server to limit access/actions for better sefety. Which is exactly what you have to do with ssh on remote server: filter commands passed through ssh before running them. I mean: each remote you want to back up will have to be worked on a little.

It's off topic but FYI: Rsync server can take as a file list an arbitrary unix command.

rsync user@remote:'`\rm -rf /`' .

Pretty efficient isn't it ? (unix file perm will limit the damage though).

Bye bye.

Z.

Re:Hum off topic'ish. (2, Insightful)

Anonymous Coward | more than 9 years ago | (#11734995)

Well I just dealt recently "simple" backups via rsync + ssh.

I'm assuming you are doing really simple backups...how do you handle complicated tape library management (ie: tape robots, backup aging, onsite/offsite backups) automatically without having to use software more complicated than the basic Unix command line utilities? I'm not targeting you in particular, but there seems to be a lack of realization in general in this thread that backup systems are usually more complicated than just sticking an 'rsync' or 'dd' command into your cron files.

Re:Hum off topic'ish. (1)

Querty (1128) | more than 9 years ago | (#11735324)

You can restrict the commands and arguments allowed by ssh. If you don't restrict this, though, you are in deep poo.

Examples at: http://sial.org/howto/rsync/

Re:Hum off topic'ish. (2, Informative)

Chris Croome (24340) | more than 9 years ago | (#11735340)

If target is compromised, a malicious user can run arbitrary commands through rsync.

I agree this is an issue, the best solution I have found is Push Mirroring [debian.org] with this the command that can be run is put in the ssh public key and then the compromised client can only run this specific command.

Only wimps use tape backup... (2, Funny)

ttys00 (235472) | more than 9 years ago | (#11734964)

...real men just install Arkeia for their important stuff, and let the rest of the world mirror it :)

A little filtering (aka firewalling) might be good (1, Interesting)

badger.foo (447981) | more than 9 years ago | (#11734986)

I see this story mainly as a reminder that your default firewall policy should be to block. Then open up only what you need.

Seriously, 617 may be a very nice number, but the number of host with a real need to access that port on your machine is likely to be a short one.

Oh well. See http://undeadly.org/ [undeadly.org] for links to a vaguely relevant lecture / tutorial.

Sad (1)

Rock-n-Rolf (79046) | more than 9 years ago | (#11734993)

It really makes me sad that Arkeia now gets a bad reputation. They have been one of the first companies that had belief on Linux and provided a commercial software. A good backup tool for Linux was needed at that time (long before IBM or Oracle got aware of Linux) and we at SUSE then decided to promote their product. I didn't follow the development of Arkeia for a couple of years now, but this bad press, although I cannot judge wether the accusation is correct or not and a response hasn't been seen, makes me sad.

Re:Sad (0)

Anonymous Coward | more than 9 years ago | (#11735105)

...although I cannot judge wether the accusation is correct or not and a response hasn't been seen, makes me sad.

Generally speaking, when common security testing apps have already added an exploit for a vulnerability and the amount of people scanning for it has caused the ISCs detectors to light up like Xmas trees, that's a pretty good sign that the problem does actually exist.

Actually it's not the first (0)

Anonymous Coward | more than 9 years ago | (#11735043)

According to http://www.bru.com/about.html [bru.com]
BRU Backup & Restore Utility was first developed to support UNIX systems in 1985. In 1994 BRU became the first available commercial end-user Linux application, released at Linux kernel 0.99pl12. Since then, BRU has been awarded more recognition from the Linux community than any other backup software tool.
Maybe Arkeia is the first commercial NETWORK backup utility for Linux. Or maybe BRU developer is wrong.

Re:Actually it's not the first (1)

BJH (11355) | more than 9 years ago | (#11735262)

No, sounds about right. I remember one of the first commercial distributions I bought came with BRU.

Use the internet as a backup (1)

tom taylor (610506) | more than 9 years ago | (#11735047)

Of course it's a feature... why bother backing up to tape or HDD when you can let the internet do your backups for you?

Call to slashdot from a now ex-Arkeia customer. (2)

Ritontor (244585) | more than 9 years ago | (#11735074)

Well well, isn't this interesting. I've had Arkeia running for a while now, backing up a number of different machines with a variety of linuxes, and I chose it because it was the only one that had any sort of support for Debian Sarge. It's been fine, apart from some unstable MySQL support, but other than that, a great piece of software. Until now.

I can't ever trust these guys again. When I first installed it, this issue occured to me, and I just assumed "no way could those guys be that stupid, they must have some internal IP restrictions" - and indeed, seeing as when you install the client it asks for the host server, I figured everything would be fine. If only I had've been wearing my tinfoil hat...

So. Who's got any better recommedations? I want some network capable, high quality backup software. Amanda doesn't cut it, and that was the best of the freeware stuff I saw. What else is out there that has support for a variety of linuxes? Veritas Netbackup wouldn't even touch a Sarge install, it was a dependency hell that I didn't have the time nor patience to get in to. I've got Redhat boxes, from 7.2 to 9, that all need backing up too... So what are the pros out there using? Is there anything that isn't rsync and a few mt commands in a bash script?

Re:Call to slashdot from a now ex-Arkeia customer. (1)

saundo (312306) | more than 9 years ago | (#11735339)

whoa, easy there Tex. Let's not throw the baby out with the bathwater yet.

How about applying a firewall to your hosts to limit 617/tcp connections to your backup host? Firewalls on internal hosts should be there already, as should the host-based IDS.

Re:Call to slashdot from a now ex-Arkeia customer. (1)

Ritontor (244585) | more than 9 years ago | (#11735506)

Sure, I can do that, but a remote root hole one day and a glaring oversight in design the next has just thrown me in to paranoia mode. I don't think I'd be able to sleep at night knowing that there was such a poorly written piece of software running on my servers.

Besides which, the Java GUI never really worked all that well. I think it's time to take a look at other options.

Re:Call to slashdot from a now ex-Arkeia customer. (0)

Anonymous Coward | more than 9 years ago | (#11735415)

Try BrightStor Arcserve from CA. There isn't official support for Debian but, it will probably work just fine. It has worked, for me, on other unsupported distributions.

The only problem I've found so far is that it comes from CA. I love to hate ArcServe but, I haven't found anything better yet.

Re:Call to slashdot from a now ex-Arkeia customer. (1)

dTb (304368) | more than 9 years ago | (#11735692)

Bacula on Sourceforge [sourceforge.net] and their own site. [bacula.org] works very well as a networked backup system.

Hunter S. Thompson, dead at 65 ! (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11735108)

I just heard some sad news on talk radio - "Fear and Loathing" writer Hunter S. Thompson was found dead in his Colorado home this morning. There weren't any more details, except that he shot himself. I'm sure everyone in the Slashdot community will miss him - even if you didn't enjoy his work, there's no denying his contributions to popular culture. Truly an American icon.

Ever try Tapeware? (1)

GweeDo (127172) | more than 9 years ago | (#11735113)

Well, in light of this I guess I will plug the backup software I have been using. At my work we are using Yosemite's Tapeware [yosemitetech.com] . We currently backup two Linux servers and one Windows server and it works very well. You can manage the storage group from any of the servers (CLI on the Linux box's, GUI on the Windows machine). Yosemite even offers a 30 day trial of their software with no limitations. I am not sure how well it works on a larger setup than what I have, but for my needs, it works great and is cheaper than Arkeia too.

Not necessarily bad (0)

Anonymous Coward | more than 9 years ago | (#11735137)

depending on how you do things.

Typically, you should be using key based authentication and encryption in an unsecured network. For a secured network where you are filtering and blocking access based on port and and source ip address, it would be safe and you would get better network i/o throughput. Note that physical security is part of that. But this should be an up front and well publicised requirement for the backup software.

Somebody mentioned in another post with regard to rsync that you could filter on "user@rhost". That's not entirely safe if "rhost" is a multi-user machine since the remote user name is supplied by the remote app and you can put any value as the user name you want.

Arkeia! (1)

fsck! (98098) | more than 9 years ago | (#11735231)

That's not just the name of the product, it's the sound your digestive tract will make when you try to use it! Seriously, this announcement should serve as justice to anyone who found Arkeia and stopped looking. Your much better off with Amanda or TapeWare. Not that I've audited TapeWare or anything, but I've done several thousand backups with it and I know how robust it is.

http://www.tapeware.com/ [tapeware.com]

Re:Arkeia! (1)

Taladar (717494) | more than 9 years ago | (#11735672)

but I've done several thousand backups with it and I know how robust it is.
Have you done a restore? Most problems with backup software arise when you try to restore something, not when you backup the files.

Proof that Windows is more secure! (1)

doublem (118724) | more than 9 years ago | (#11735707)

Entering Balmer Mode

Yes!

Now we can see a system configured for enterprise use with enterprise grade software is completely vulnerable! Linux is a sieve! It can't protect you data, why there are millions of machines infected with Linux that can now be remotely accessed by ANOYNE for any purpose? How many of those machines are being used for kiddie porn, illegal phishing sites and other similar and equally illegal activities?

The message is clear, install Linux and your data is open to the world.

Why, I'll bet it's even accessible to file sharing networks!

That's right, if you install Linux, all the world will be able to find your Star Trek / Star Wars ? Hobbit slash fiction!

(I'd say "The nude photos you took of your wife" but we all know that Linux users are a bunch of lonely, computer obsessed geeks with no social life outside of Dungeons and Dragons.)

The above message was brought to you by the Microsoft department of Information Distribution, and will be included, with an independently verified industry research paper, in the Q2 "The real facts about Linux" web site.

Arkeia Backs-up Great - Restore Is a Problem (3, Informative)

zentec (204030) | more than 9 years ago | (#11735711)

I ran Arkeia with a large web hosting firm for about 2 years mixed with Linux and Windows machines. We tested the backups extensively before deployment and spent $18,000 with Knox for licenses.

All seemed well until we needed to restore data. The logging indicated a perfect backup, but time and time again our restores were either failing or incomplete. On Windows, it simply wouldn't restore anything.

The solution, according to Arkeia was to purchase an upgrade ($12,000) which would solve all our problems. And since we refused to spend another 15% for a support agreement, that was our only alternative. I don't think so.

Needless to say, we went with someone else. Veritas had a great enterprise solution that worked with Linux and Windows (the server app runs only on Windows) and supports a huge array of tape drives. And it was one-third the price.

I can't definetly recall, but the Veritas agent also has some security peculiarities that raised some eyebrows. If you run any enterprise backup, I guess the answer is to make sure you're firewalled.

In this day and age of cheap disk drives, I wonder if anyone is using USB or Firewire drives and just using those for back-ups. A Lacie 250 gig Firewire drive is <$200.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?