Response to WebHostingTalk’s Security Breach

March 26th, 2009

I heard about WebHostingTalk’s security breach recently and, after reading the comments on Slashdot, I became a bit concerned people were missing the issue. People discussed offsite backups and offline backups, but while that might have mitigated the issue, it’s not what’s at fault.

What’s at fault is the fact that their database servers could be connected to from their backup servers. Backup servers should accept connections only from the boxes they’re backing up data from. You should send your data there, not download your data to the backup server.

My ssh/rsync scripts run from the box I’m backing up and that box has no way to connect back to the box I’m backing up from. If that’s the way WebHostingTalk’s servers were set up, there would be no hack. Yes, they might have been able to delete the backups, but they would not have been able to connect to the database servers and wipe the tables on them.
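A push-model backup of the kind described above, as an added example that is not the author's own script: `push_backup` runs on the box being backed up, and `authorized_key_line` prints the entry that confines the push key on the backup server. The host address, paths and key file are constructed placeholders, and it assumes `rrsync` (the restricted-rsync wrapper shipped with rsync) is on the backup account's PATH.

```shell
#!/bin/sh
# Added example: push-model backup. All hosts, paths and keys are constructed.
# Runs on the box being backed up; the backup server never dials out to it.

BACKUP_HOST="${BACKUP_HOST:-backup@192.0.2.50}"             # constructed (TEST-NET-1)
BACKUP_KEY="${BACKUP_KEY:-/root/.ssh/backup_push_ed25519}"  # dedicated push-only key
RSYNC="${RSYNC:-rsync}"                                     # overridable for dry runs

# push_backup SRC_DIR REMOTE_SUBDIR
# Sends SRC_DIR to the backup server over ssh. REMOTE_SUBDIR is relative to the
# directory rrsync confines this key to, so absolute paths and ".." are refused
# here as well as on the server.
push_backup() {
    src="$1"; dest="$2"
    if [ -z "$src" ] || [ -z "$dest" ]; then
        echo "usage: push_backup SRC_DIR REMOTE_SUBDIR" >&2; return 2
    fi
    case "$dest" in
        /*|*..*) echo "refusing remote path '$dest'" >&2; return 2 ;;
    esac
    # BatchMode: fail instead of prompting, so a cron run never hangs.
    # (Key path must not contain spaces; it is passed inside the -e string.)
    "$RSYNC" -a -e "ssh -i $BACKUP_KEY -o BatchMode=yes" \
        "${src%/}/" "$BACKUP_HOST:${dest%/}/"
}

# authorized_key_line SOURCE_IP BACKUP_DIR PUBKEY
# Prints the line for the backup account's ~/.ssh/authorized_keys:
#   from=     only the backed-up box may use this key
#   restrict  no shell, no port/agent/X11 forwarding, no pty
#   command=  every login is forced into write-only rsync under BACKUP_DIR
authorized_key_line() {
    printf 'from="%s",restrict,command="rrsync -wo %s" %s\n' "$1" "$2" "$3"
}
```

The backup account holds no key or credential for the database box, and a firewall rule on the database box that drops connections from the backup server's address enforces the one-way direction at the network level too.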

Ryan Networking