Using Verify Jobs to Improve Computer Security

Since Bacula maintains a Catalog of files, their attributes, and either SHA1 or MD5 signatures, it can be an ideal tool for improving computer security. This is done by making a snapshot of your system files with a Verify Job, and then, on a regular basis (e.g. nightly), checking the current state of your system against the snapshot.

The first step is to set up a Verify Job and to run it with:

Level = InitCatalog

The InitCatalog level tells Bacula simply to get the information on the specified files and to put it into the Catalog. That is, your database is initialized and no comparison is done. The InitCatalog is normally run one time manually.

Thereafter, you will run a Verify Job on a daily (or other) basis with:

Level = Catalog

The Level = Catalog level tells Bacula to compare the current state of the files on the Client to the last InitCatalog that is stored in the Catalog and to report any differences.

You decide what files you want to form your “snapshot” by specifying them in a FileSet resource, and normally, they will be system files that do not change, or that only their certain features change.

Then, you decide what attributes of each file you want compared by specifying comparison options on the Include statements that you use in the FileSet resource of your Catalog Jobs.

• Details
• Running the Verify
• What to Do When Differences Are Found
• Verify Configuration Example

See also

Go back to:

• Verify Jobs Functions

• Verification Criteria

• Volume Data Verification

• Volume to Calatog Verification

• Job Results

• Disk to Catalog Verification

• InitCatalog/Catalog Verification

Go to:

• Limitations

Go back to the main Advanced Features Usage page.