I shopped around for a few months for my offsite, online backups, and most providers were adjuncts of larger ISPs, and the backups were generally stored on larger, general purpose servers.
Usually this was in conjunction with all sorts of extra "services" tied to the backup. But the bottom line was, I was storing files on a server that was running imap and pop and PHP and all manner of other services and ports open, etc.
That's a mistake. The backup provider I use now (rsync.net) has three services running (I nmap my target regularly):
- ftp (I don't use it)
- ssh
- https
No php, no app servers, no mail servers, etc., and when I asked them, they confirmed that their ftpd is just plain old FreeBSD built-in.
Oh, and I encrypt the backups with duplicity, which is absolutely fantastic.
Love may laugh at locksmiths, but he has a profound respect for money bags. -- Sidney Paternoster, "The Folly of the Wise"