Write-Only Backup Server
by GregJ7 from LinuxQuestions.org on (#4TA5G)
To what degree do you think it would be more secure (from hacking and data theft, etc.) to have what amounts to a "write-only" data backup server? I imagine it would remove all the code for port listeners, except leave one port open that only receives messages in a legal format at predefined backup times.
Would this, in practice, make the data on the data server harder to steal or corrupt via an attack over the network? Or are there too many hacking techniques that wouldn't be affected by port listening restrictions?
A hacker might learn the legal message format by hacking a message sending computer, but what he could accomplish would theoretically be limited by what message contents the data server was willing to process.
I think the bottom line is, would the data server be materially more secure? And, is there already a method available that essentially accomplishes the same thing?
Would this, in practice, make the data on the data server harder to steal or corrupt via an attack over the network? Or are there too many hacking techniques that wouldn't be affected by port listening restrictions?
A hacker might learn the legal message format by hacking a message sending computer, but what he could accomplish would theoretically be limited by what message contents the data server was willing to process.
I think the bottom line is, would the data server be materially more secure? And, is there already a method available that essentially accomplishes the same thing?