On Mon, Apr 25, 2005 at 01:04:06PM -0500, [EMAIL PROTECTED] wrote: > Vlad: > > Please review the Amanda archives for discussions of the pitfalls of > using localhost as part of your backup configuration. This is a > subject that has been beaten into submission quite thoroughly. > > The short answer and general consensus from the Amanda community: > > Don't do it!!! > > Donald L. (Don) Ritchey > > -----Original Message----- > From: Vlad Popa [mailto:[EMAIL PROTECTED] > > Hi from Austria! > > I was wondering, if it might be possible to reduce the open ports > induced by amanda to the local IP address (interface lo, 127.0.0.1) in > inetd.conf since I thought using amanda client and server on the same > machine. External nmap port scans of this server should not find any > open amanda ports. > >>> End of included message <<<
I got the impression that Vlad wants to backup only one host, the amanda server. In that case, I don't think it is so bad to use localhost in your DLE's etc. Using firewall type software (ipfilter/iptables) or hardware, couldn't access to those ports be restricted to the hosts IP? Another brainstorming idea, most unix/linux systems allow one network interface card to have multiple hostnames IP addresses (virtual interfaces). Perhaps you could setup a second, host with open ports restricted to those amanda needs and don't even touch the current setup. -- Jon H. LaBadie [EMAIL PROTECTED] JG Computing 4455 Province Line Road (609) 252-0159 Princeton, NJ 08540-4322 (609) 683-7220 (fax)
