From: Les M. <les...@gm...> - 2011-04-27 16:10:49
|
On 4/27/2011 10:40 AM, Adam Goryachev wrote: > >>> >>> I've got a number of random people's home PC's that I backup (friends >>> and relatives etc), and I'm wondering what methods people use to handle >>> this sort of environment. >>> >>> My latest method is to use the following components: >>> 1) dynamic DNS to find them >>> 2) static IP on the machine >>> 3) static port forwarding on their home modem/router >>> 4) install and configure cygwin SSH and rsync (not rsyncd) >>> >>> This method works pretty well for backing up non-open files (ie, the >>> users real documents/etc). >> >> Your step #4 I don't do, instead, I just copy a directory and use the open >> file backup method outlined here: >> >> http://www.goodjobsucking.com/?p=62 > > The first problem I see with this is that it requires the windows box to > be completely visible on the public IP... or at least enough port > forwarding as to expose the ADMIN$ share so that winexe can connect > remotely and execute the pre-exec.cmd etc... > > I'd prefer to restrict the external visibility to port 22, and restrict > that to key logins only... > > I can't be responsible for exposing peoples machines to attacks by > worms/virus/hackers/script kiddies/etc... > > Certainly solves some of the software installation and open files backup > though... > > Could that method be used over SSH? That would help the open files, but > then lead back to the same installation problem of installing SSH and > the service/etc... > > Suggestions/thoughts? An easy solution would be to run openvpn or equivalent which also takes care of the DNS/dynamic IP issue on the client side since the vpn can assign fixed private addresses. Openvpn works nicely over a single UDP port and is nat and port-forwarding friendly. Or you could use some convoluted scheme of ssh port-forwarding to get the same effect through a scheduled ssh connection established from the client. But running cygwin sshd should work if you go through some contortions to escalate privileges: http://sourceforge.net/apps/mediawiki/backuppc/index.php?title=User_Scripts_-_Client_-_Windows_VSS http://majentis.com/2011/01/03/backuppc-with-sshrsyncvss-on-windows-server/ -- Les Mikesell les...@gm... |