
Post History

71%
+3 −0
Q&A How to detect if a Linux Docker host has had unwelcome guests?

I plan to set up a Raspberry Pi to host some dockerized apps, for it to be accessible to the Internet through a remote proxy, and since I'm no sysadmin, I'm trying to come up with a suitable policy...

1 answer  ·  posted 2y ago by nnlei‭  ·  last activity 2y ago by Canina‭

Question raspbian security
#2: Post edited by Canina · 2021-08-24T13:35:25Z (over 2 years ago)
  • Raspi home server backup strategy
  • How to detect if a Linux Docker host has had unwelcome guests?
I plan to set up a Raspberry Pi to host some dockerized apps, for it to be accessible to the Internet through a remote proxy, and since I'm no sysadmin, I'm trying to come up with a suitable policy for security and backups.

Besides common security measures such as keeping stuff up-to-date, using a firewall, SSH keys, I want to periodically check the system configuration to see whether any unwelcome guests tampered with the Pi, so I can reinstall everything and be up and running with minimum hassle.

For this, I have a backup of partitions of my base system (boot on MMC and root on an attached HDD), and then make periodic remote backups of the following:

1. all the Docker volume directories
2. MariaDB dumps for every database
3. All of `/etc`
4. the output of `apt list --installed`
5. the output of `export` for the root user
6. Some or all of `/var`, `/usr`, `/bin`, `/sbin` and `/boot`, not sure yet.

The first two are the actual backup, whereas 4-6 I intend to check whether they have changed in unexpected ways that would justify a reinstall.

My questions are then:
1. Is there a better way to monitor my system for changes?
2. Which parts of item 6 make sense to monitor? Am I missing anything else?

Thanks in advance.
#1: Initial revision by nnlei · 2021-08-24T04:38:54Z (over 2 years ago)
Raspi home server backup strategy
I plan to set up a Raspberry Pi to host some dockerized apps, for it to be accessible to the Internet through a remote proxy, and since I'm no sysadmin, I'm trying to come up with a suitable policy for security and backups.

Besides common security measures such as keeping stuff up-to-date, using a firewall, SSH keys, I want to periodically check the system configuration to see whether any unwelcome guests tampered with the Pi, so I can reinstall everything and be up and running with minimum hassle.

For this, I have a backup of partitions of my base system (boot on MMC and root on an attached HDD), and then make periodic remote backups of the following:

1. all the Docker volume directories
2. MariaDB dumps for every database
3. All of `/etc`
4. the output of `apt list --installed`
5. the output of `export` for the root user
6. Some or all of `/var`, `/usr`, `/bin`, `/sbin` and `/boot`, not sure yet.

The first two are the actual backup, whereas 4-6 I intend to check whether they have changed in unexpected ways that would justify a reinstall.

My questions are then:
1. Is there a better way to monitor my system for changes?
2. Which parts of item 6 make sense to monitor? Am I missing anything else?

Thanks in advance.
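
The comparison step the question plans for its monitored directories, as an added example that is not part of the original post: it records a SHA-256 hash and permission mode per file and reports what was added, removed or changed against a stored baseline. The function names and the sample tree are assumptions made for illustration, and the baseline manifest is assumed to be kept with the remote backups rather than on the Pi.

```python
import hashlib
import os
import stat
import tempfile


def entry_for(path):
    """Describe one path without following symlinks; mode is kept so a chmod counts."""
    st = os.lstat(path)
    if stat.S_ISLNK(st.st_mode):
        return ("link", os.readlink(path))
    if not stat.S_ISREG(st.st_mode):
        return ("other", stat.S_IMODE(st.st_mode))
    with open(path, "rb") as fh:
        digest = hashlib.sha256(fh.read()).hexdigest()
    return ("file", stat.S_IMODE(st.st_mode), digest)


def build_manifest(root):
    """Map every file and symlink under root to its entry, by relative path."""
    manifest = {}
    for dirpath, dirnames, filenames in os.walk(root):
        links = [d for d in dirnames if os.path.islink(os.path.join(dirpath, d))]
        for name in filenames + links:
            full = os.path.join(dirpath, name)
            manifest[os.path.relpath(full, root)] = entry_for(full)
    return manifest


def compare(baseline, current):
    """Return paths added, removed and changed since the baseline."""
    both = baseline.keys() & current.keys()
    return {"added": sorted(current.keys() - baseline.keys()),
            "removed": sorted(baseline.keys() - current.keys()),
            "changed": sorted(p for p in both if baseline[p] != current[p])}


def demo():
    """Constructed sample tree standing in for /etc; not real system data."""
    with tempfile.TemporaryDirectory() as root:
        for name in ("passwd", "motd", "helper"):
            with open(os.path.join(root, name), "w") as fh:
                fh.write("constructed sample\n")
        baseline = build_manifest(root)
        with open(os.path.join(root, "passwd"), "a") as fh:
            fh.write("guest:x:0:0\n")                   # content edit
        os.chmod(os.path.join(root, "helper"), 0o755)   # same bytes, new mode
        os.remove(os.path.join(root, "motd"))
        open(os.path.join(root, "cron.extra"), "w").close()
        return compare(baseline, build_manifest(root))
```

Package upgrades also change files under `/usr`, `/bin` and `/sbin`, so a report is easiest to read when the baseline is rebuilt right after each planned update.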