On Fri, Nov 24, 2017 at 10:28:27PM +0100, Chris wrote: > All, > > I want to backup a DMZ-server to an internal backup server. > > Is it reasonable to setup an NFS-server in the DMZ and mount it from > the inside server using the read-only, noexec and nosuid options? Could > an attacker gain access to the internal server this way? > > Does anyone use such a setup? > > internal Server ---------------> DMZ > (NFS-Client) (NFS-Server) > NFS is a very old protocol that very likely has as yet undiscovered vulnerabilities. I would expect that the likelihood of there being even a theoretical vulnerability that would allow a malicous user on the server to gain access to a client would be very low.
However, I think you are going about this all wrong. A backup script or program would have to touch/examine every file to determine its age, MD5 sum, or whatever other feature drives the backup/no-backup decision. NFS is actually a terrible protocol for this sort of thing. You are almost certainly better off creating a backup user on the DMZ machine, setting its shell to something like rsync-only (check out the rssh package, for example), and then using something like rsnapshot (my personal favorite) or another rsync-based backup script/program. That is likely to be more secure and I can practically guarantee it will have better performance. Regards, -Roberto -- Roberto C. Sánchez