Standalone backup agent for Microsoft Windows servers and workstations (formerly Veeam Endpoint Backup FREE)
Post Reply
snakeaj
Lurker
Posts: 1
Liked: never
Joined: Dec 12, 2019 11:52 am
Contact:

Account/Password is safe?

Post by snakeaj »

Hello!

I want to configure a realy safe backup for my server to a NAS.
NAS is only allowed to accept connections from one ip, only SMB Service, one Share, own account,..

NOW i am concerned about the Software.
I have to enter user/password in Veeam Agent to establish connection to the NAS.
How is that login saved on the server?
Is it possible eg. for a hacker to get that account information i have entered in my backup job?

thank you very much
alex

wishr
Expert
Posts: 3077
Liked: 448 times
Joined: Aug 07, 2018 3:11 pm
Full Name: Fedor Maslov
Contact:

Re: Account/Password is safe?

Post by wishr »

Hi Snakeaj,

We use DPAPI to store the credentials. Moreover, we take cybersecurity very seriously here at Veeam and have lots of security procedures in place to make sure our products, and thus, your business-critical data are securely protected from cyber-criminals at all layers.

Thanks

Gostev
SVP, Product Management
Posts: 29896
Liked: 5841 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland
Contact:

Re: Account/Password is safe?

Post by Gostev »

snakeaj wrote: Dec 12, 2019 11:56 amIs it possible eg. for a hacker to get that account information i have entered in my backup job?
Yes, it is definitely a possibility. This would require a hacker to wait for the next zero-day privilege escalation vulnerability in Windows, which will enable them to get LOCAL SYSTEM privileges. With that, extracting all saved credentials is trivial - whether from Veeam software, any other software, or Windows Credentials Manager itself.

The only real protection against cyber-attacks are air-gapped (offline) backups. For example, rotated hard drives or tape. There are also some creative solutions with automatically powering off NAS or network switch used by NAS once the backup is complete, to offline your backup storage until the next backup job run.

Post Reply

Who is online

Users browsing this forum: No registered users and 12 guests