Comprehensive data protection for all workloads
Post Reply
joergr
Veteran
Posts: 391
Liked: 39 times
Joined: Jun 08, 2010 2:01 pm
Full Name: Joerg Riether
Contact:

future improvements for the new immutable linux repo

Post by joergr »

Hi guys,

first of all, i really like the idea, the doing and all the efforts VEEAM has done for the immutable linux repo system in the V11 product.

I had a few thoughts about the topic and made up my mind. So here are some ideas for future improvements for the new immutable linux repo.

a) it would be good if the linux system could be not be reachable at all. So besides closing openssh, also closing veeamtransport on for instance 6162. One could solve it in such a way that the connection is established from internally (on the part of linux) to the VEEAM server stateful and thus no port on the linux side must be reachable from the outside at all.

b) at the same time there are possibilities where inexperienced linux users can make mistakes (for example, they have not cleaned the sudoers file when they accidentally used it, or not disabled NTP or not disabled SSH and so on). Here it might be a good idea if VEEAM could bring its own little hardened Linux, as a VM or ISO file in the future.

Thoughts?

Thanks,

Joerg
Gostev
Chief Product Officer
Posts: 31814
Liked: 7302 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland
Contact:

Re: future improvements for the new immutable linux repo

Post by Gostev » 1 person likes this post

Hi, Joerg

Thanks for your kind words!

a) Since the Linux system does not know WHEN to establish the connection, it would have to keep a persistent connection to the backup server. This would require a major redesign of the core architecture and a long period of stabilization. Which is quite hard to justify, and it does not help security all that much as the hacker will still be able to connect to the data mover from the taken over backup server (which is how every attack starts).

b) Actually, we blocked the ability to accidentally populate the sudoers file right in the user interface in the V11 GA build. And there is a community tool already that helps inexperienced users with securing their hardened repository. As for a custom Linux distro, see my answer here.

Thanks!
Anton
joergr
Veteran
Posts: 391
Liked: 39 times
Joined: Jun 08, 2010 2:01 pm
Full Name: Joerg Riether
Contact:

Re: future improvements for the new immutable linux repo

Post by joergr »

Hi Anton,

thanks so much for the professional useful insight, as always, highly appreciated.

My though regarding a) was that you can not actively discover it on the network if you scan for it nor can you try to open a connection to it but then again you are very right regarding the situation where the Veeam server was hacked and thus access is given even if the linux repo would statefully connect from itself. One little advantage would be that you could prevent external finding without the Veeam server if for some reason the Veeam service on the linux repo would be vulnerable to an rce but then again, that is perhaps already thinking too far ahead and maybe too pessimistic.

Regarding b) yeah I hear you, maintaining a complete linux, even a mini linux can be quite a challenge and would certainly tie up many resources that are more importantly needed elsewhere in dev.

Thanks!
Joerg
Post Reply

Who is online

Users browsing this forum: Bing [Bot] and 27 guests