#REMOTE US PARANOID INSTALL#
install SSH and create a tunnel between the two computers.Supposing you have two computers running linux (easier) or even any other OS that have the needed tools implemented and you want only the latest backup: You need just the most recent copy of the data, or a historic backup, like version control? This is because I have not used this technology before. Any advice welcome.ĮDIT: I'm not discounting using VPN, but I would need to convice myself (and my supervisors) that this method is near idiot proof. I think the first is far from foolproof and I can't afford the second. Is there any alternative to VPN for this?įinally, since the server in the distant location is only required to copy the backup onto a hard-disk - is there a way of locking this system down so that only transmitted documents are saved to the hard disk (preventing malware from accidently being installed).Ĭurrently all the solutions seems that I have found involve either VPN or a leased telephone line. I would like to keep the server and the backup server as isolated from the internet as possible - allowing only the scheduled copy to be communicated to the outside world. Desktop users (who do have the internet) have access to only low privilege accounts on the server. (I worry, for example, that a VPN has too great a functionality, and causes me to become a security risk.)Ĭurrently the office server (that makes the backups) is isolated from the internet. The company cannot afford a leased telephone line, which is the only way I currently think of to achieve this aim. Is this something that is possible to guarantee? In short, I want my server to be able to communicate to a well defined external computer and only this computer. This is largely to prevent myself (or a system admin in the future) misconfiguring the solution in ignorance. I am therefore looking for solution that has very limited functionality. The data is very sensitive and the chances of a sophisticated attack are considered to be fairly high. I therefore want to automate the copy to a computer/hard-disk that is far away from the building. Practically, however, the chances of someone doing this regularly are slim.
The best solution would be to copy the data onto a new hard-disk and lock it in a safe. I want to schedule the copying of our backups to protect our data in case of fire. I'm a system admin with little security experience.