Sysadmin:Disaster

From UGCS
Revision as of 00:42, 9 December 2007 by Jdhutchin@ugcs.caltech.edu (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

We need to set up a disaster recovery plan. Disaster is something that breaks the entire cluster- either a crucial machine goes down, or Kerberos or AFS gets hacked.

Kerberos/AFS gets hacked

  • What to do: 1) Panic 2) Pull the network cable 3) ??? 4) Profit!

Kerberos

  • New accounts would be suspect, but old passwords are hashed
  • Keep a copy of the kerberos database on a secure CD

AFS

  • Restore from known good backups
  • Change localauth keys on all three servers
Retrieved from "http://www.ugcs.caltech.edu/wiki/Sysadmin:Disaster"
Personal tools