From 5b232d0484cc32c4265e0b89e79d48f25e2ab0b7 Mon Sep 17 00:00:00 2001 From: DatuX Date: Fri, 14 Jan 2022 00:32:50 +0100 Subject: [PATCH] Updated Backup to rsync.net via ZFS (markdown) --- Backup-to-rsync.net-via-ZFS.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/Backup-to-rsync.net-via-ZFS.md b/Backup-to-rsync.net-via-ZFS.md index 23002d4..d989d04 100644 --- a/Backup-to-rsync.net-via-ZFS.md +++ b/Backup-to-rsync.net-via-ZFS.md @@ -86,6 +86,8 @@ Select the filesystems that your want to backup: ## Security considerations +The backup VM is just a dedicated VM with you as the only user. + ### Cloud provider Although rsync.net is a very professional and trustworthy company, i still will layout the security implications and how you can mitigate some of them with ZFS encryption: @@ -96,7 +98,8 @@ Although rsync.net is a very professional and trustworthy company, i still will ### Crypto ware -* If you use a push-backup, you are not secured against hackers: If they hack your server, they will have access to your rsync.net server as well. -* You can actually let the rsync.net server login to your server and pull the backup. Keep in mind that in that case the rsync.net staff could access your server. (or in case your the backup server gets hacked) +* If you use a push-backup, you are not secured against cryptoware: If they hack your server, they will have access to your rsync.net server as well. +* You can actually let the rsync.net server login to your server and pull the backup. +* In case of a pull-backup, your attack surface is bigger: Anyone with access to your rsync.net VM could access your server as well. But cryptoware on your server can never access the backups.