Table des matières

Voir cette page sous forme de diaporama.

Sauvegardes

Avant-propos

Maintenance des accès utilisateurs

Prévention

Anticiper

Prévention

Anticiper

Anticiper - Mises à jour

Mises à jour : Windows

Mises à jour : Linux

Anticiper - Nettoyage du système

Anticiper - Surveillance

Surveillance - Windows - 1

  c:\> eventvwr

Surveillance - Windows - 2

Surveillance - Linux - 1

root@marge:~#> tail -f /var/log/syslog
Jan 26 13:49:01 marge dhcpd: DHCPDISCOVER from 00:1e:c1:06:78:60 via eth0: network 10.121.32.0/25: no free leases
Jan 26 13:49:04 marge dhcpd: DHCPDISCOVER from 00:1f:3c:4a:ca:4c (pmpor-10) via 10.121.39.254
Jan 26 13:49:04 marge dhcpd: DHCPOFFER on 10.121.39.205 to 00:1f:3c:4a:ca:4c (pmpor-10) via 10.121.39.254
Jan 26 13:49:08 marge named[22440]: client 10.121.32.42#59293: update 'ldij-lecastel.lan/IN' denied
Jan 26 13:49:08 marge named[22440]: client 10.121.32.42#58656: update '10.in-addr.arpa/IN' denied
Jan 26 13:49:13 marge dhcpd: DHCPDISCOVER from 00:1e:c1:06:78:60 via eth0: network 10.121.32.0/25: no free leases
Jan 26 13:49:14 marge dhcpd: DHCPREQUEST for 10.121.39.195 (10.121.32.22) from 0c:df:a4:84:0a:0b via 10.121.39.254
Jan 26 13:49:14 marge dhcpd: DHCPACK on 10.121.39.195 to 0c:df:a4:84:0a:0b via 10.121.39.254
Jan 26 13:49:14 marge dhcpd: DHCPREQUEST for 10.121.39.195 (10.121.32.22) from 0c:df:a4:84:0a:0b via 10.121.39.254
Jan 26 13:49:14 marge dhcpd: DHCPACK on 10.121.39.195 to 0c:df:a4:84:0a:0b via 10.121.39.254
Jan 26 13:49:25 marge dhcpd: DHCPDISCOVER from 00:1e:c1:06:78:60 via eth0: network 10.121.32.0/25: no free leases

Surveillance - Linux - 2

Surveillance - Supervision

root@vm2:/home/sio# nmap    ns1
Starting Nmap 5.00 ( http://nmap.org ) at 2012-01-26 14:24 CET
Interesting ports on marge.ldij-lecastel.lan (192.168.0.1):
Not shown: 998 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
53/tcp open  domain
Nmap done: 1 IP address (1 host up) scanned in 0.27 seconds

Anticiper - Les Sauvegardes

Sauvegardes - Caractéristiques - 1

Sauvegarde différentielle

Sauvegarde incrémentale

Sauvegardes - Caractéristiques - 2

Sauvegardes - Caractéristiques - 3

Sauvegardes - Caractéristiques - 4

Sauvegardes - Que sauvegarder ?

Sauvegardes - Les bases de données

  root@debian:~# mysqldump -u root -p mabase > mabase-dump.sql
  root@debian:~# pg_dump -f mabase-dump.sql -U root mabase
  root@debian:~# ssh root@srv "mysqldump -u root -pxxxx mabase | gzip"  > mabase-dump.sql.gz

Sauvegardes - les outils

Sauvegardes - les protocoles

Sauvegardes - exemple 1 : tar

 tar cvf /bu/home-sv.tar /home
 tar cvfz /bu/home-sv.tgz /home

Sauvegardes - exemple 2 : scp

 scp -rp root@machine:/home /sv/machine/home

Sauvegardes - exemple 3 : rsync

 rsync -av -e ssh root@distant:/home /sv

Sauvegardes - SSH et les clés publiques

root@C1~#> ssh-keygen
root@C1~#> ssh-copy-id root@srv

Sauvegardes - Planification

#  crontab
 0 22 * * 1-5 /root/backup-sys
# par exemple, sauvegarde du répertoire /home
# a 5 h du matin chaque semaine:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/

Sauvegardes - Rotation

    DAT=`date "+%u"`  # $DAT contient le No de jour de la semaine
    # on compresse la base avec le filtre gzip
    mysqldump -u root --password=xxxxx -B mbase | gzip  > mabase-$DAT.dump.gz