What with all the fun and games the NHS has, I'm wondering whether I should make a bit more of an effort to safeguard my files. Firstly, the
biggest safeguard I have is that everything important is backed up to DVD, I'd like to see one of those file corruption viruses damage those!
I do have all my films, TV and music sat on a DLNA server, so that all the devices round the house can access them (phones, DVD player, laptops etc).
I am wondering whether to move all of it on to a Linux server.
However, it did occur to me that regardless of the file host, it's not the host that could be the issue. I believe these viruses can take
advantage of network shares and similar to do the damage, and since it's the client doing the work that file could be hosted on any fileserver
type.
Is this a fair assessment, and if so how could I set up a Linux DLNA server that serves the files but doesn't allow edit? At a basic (IE idiot)
level, if I set the files read only in Linux does that stop them being damaged? If I have a small area for read-write and consider that
'volatile', is there definitely no risk of something running in there and compromising the rest of the server?
Are the DVDs kept in your house? What happens in the house burns down, the backup is gone.
I use a three stage approach.
1. Primary storage is my Linux based server (Unraid). It uses a parity array which can survive a disk failure. It is all managed for a WebUI and
there is a comprehensive forum. I think share this out to the various windows clients over Samba. I use this for media, music, documents and pics.
If you dont need too much storage, the trial version allows you to use data two disks, three in total 1 parity + 2 data. You can use this for ever.
2. Offline storage. I things that are important to me I have copies to an external drive and is updated few months. This drive then lives in my draw
at work.
3. Cloud. Things that are uber important (family picture etc) live in all there places and documents that I need on the go via a phone or pc. I use
google drive and for less than £5/m i get 1tb of storage.
"However, it did occur to me that regardless of the file host, it's not the host that could be the issue. I believe these viruses can take
advantage of network shares and similar to do the damage, and since it's the client doing the work that file could be hosted on any fileserver
type. "
you are correct on this front. if you have your files on any server type and it is mounted on an affected computer, the files can get trashed,
assuming they are writable to the affected computer.
with linux and some file system types or lvm setups you can take snapshots, which are point in time backups, that don't need loads of space.
(unless you delete or modify lots of data)
the key thing is you need to get a backup taken that is offline/read only and not available to anything to minimise the risk. 2 external drives would
be the best, as if you plug one into an affected computer, it gets ruined, but the other backup drive is still good. you can go on forever with
backups.
online backups are good, as they can keep the previous versions of files, so if your pc gets encrypted, this gets uploaded as a new version of said
file. you stand a chance of recovering the earlier version. Acronis does this for you. not sure about google drive.
with most issues, a key thing to do is to ensure your computers are all patched up, and the services are running. malware etc can disable for example
windows defender and tell the monitoring program to not inform you so check all is actaully running. malwarebytes is a good tool to run.
One thing I did do is check each device to make sure they're all being updated. Despite me not approving of automatic updates rebooting
PC's are inconvenient times, I can't deny the decision to force updates on Windows 10 is a good one.
I've found myself an old Dell desktop PC and ordered a 4Tb drive, it'll be getting a Linux install and that will be my 'read
only' device. The only way to write to the files will be good old command line access via SSH, so that will hopefully prevent any Windows based
viruses from being able to corrupt the files.
quote:Originally posted by Slimy38
One thing I did do is check each device to make sure they're all being updated. Despite me not approving of automatic updates rebooting
PC's are inconvenient times, I can't deny the decision to force updates on Windows 10 is a good one.
I've found myself an old Dell desktop PC and ordered a 4Tb drive, it'll be getting a Linux install and that will be my 'read
only' device. The only way to write to the files will be good old command line access via SSH, so that will hopefully prevent any Windows based
viruses from being able to corrupt the files.
If you use this server with infrequently, unplug the network lead. Nothing will get to it then.
quote:Originally posted by David Jenkins
Don't forget - Linux is a lot less vulnerable than Windows to malware, but not totally immune.
Oh yes, I am very much aware that there are still Linux vulnerabilities, that Youtube video was interesting but it talked a lot about Linux as a
webserver and that's not something I'll be doing. I definitely won't be installing WINE though!
To be honest, the move to Linux has several other reasons, so I'm partly using this Wannacry as an excuse to buy another hard drive and actually
make the move that I've been wanting to do for many years!!
Photo Archive
Building: It is an ex-Locost - it has gone to the IOW!
posted on 20/5/17 at 03:07 PM
I was unimpressed with Wine - there aren't many Windows things I want to run, and it didn't do any of them properly. In the end I built
an unexciting little Windows PC that sits on top of my big fat Linux box, just so that I can occasionally run stuff that won't work on Linux.
VirtualBox was much better under Linux, but I decided that if I was going to pay for Windows 10 it might as well go on a dedicated machine.