Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 33

Thread: ransomeware attack

  1. #11
    Join Date
    Mar 2007
    Beans
    1,110

    Ransomware on Linux?

    Tagging on to this thread about Ransomware on Linux.

    Since all it would take to mount a ransomware attack on a Linux server is administrator access and some software has anyone ever documented such an attack?
    Access to a Windows client would allow any shared files to be encrypted. That seems the most common method.

  2. #12
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Ransomware on Linux?

    haven't been allowed to reply. Forum issue.

  3. #13
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Ransomware on Linux?

    Haven't been allowed to reply. Forum issue. Seems related to using certain tags in replies.

  4. #14
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Ransomware on Linux?

    Haven't been allowed to reply. Forum issue. Seems related to using certain tags in replies.

    Forbidden

    You don't have permission to access this resource.
    Apache/2.4.29 (Ubuntu) Server at ubuntuforums.org Port 443
    Also ... editing a post creates a new reply.

  5. #15
    Join Date
    May 2006
    Location
    Switzerland
    Beans
    2,903
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: Ransomware on Linux?

    Quote Originally Posted by rsteinmetz70112 View Post
    Since all it would take to mount a ransomware attack on a Linux server is administrator access and some software has anyone ever documented such an attack?
    Qnap devices, which are essentially Linux-based storage appliances, got hit time and time again by ransomware because e.g. people opened up TCP/IP ports towards the Internet without really understanding what they were doing ... "Yaaay, Cloud functions ... I can administrate my Qnap storage over the Internet with my mobile phone and listen to my music collection stored back home while I'm sitting on the train ... "

    https://www.qnap.com/static/landing/...esponse/en-us/

    https://www.qnap.com/en/security-new...ecure-qnap-nas

    There are also several videos from frustrated users who got hit by that ransomware e.g. on YouTube. Because of excessive use of inappropriate vocabulary in those videos I shall not post links to those, but I am sure you could find them yourself if you wanted to.

    All in all: Just because your OS happens to be Linux-based doesn't mean you're automagically "safe" from such attacks. If you do something not so smart like opening up badly secured and/or insecure network services that are running on your Linux box via port-forwarding to the Internet then you still might get hit by something like this.

  6. #16
    Join Date
    Nov 2009
    Beans
    Hidden!
    Distro
    Kubuntu 18.04 Bionic Beaver

    Re: ransomeware attack

    UrBackup is another option for pull.

    Areca is push service (so theclient pushes the data).

    turn off internet access or use tools to harden and block access to unwanted parties.
    Read the easy to understand, lots of pics Ubuntu manual.
    Do i need antivirus/firewall in linux?
    Full disk backup (newer kernel -> suitable for newer PC): Clonezilla
    User friendly full disk backup: Rescuezilla

  7. #17
    Join Date
    Mar 2006
    Location
    Slipery Slope, Earth
    Beans
    745
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: ransomeware attack

    Hi TheFu:

    I've got a rpi 4b now and 10GB of HD storage.

    Should I use Bacula described at https://serverspace.io/support/help/...4-with-bacula/ to do the backups?

    Old

  8. #18
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: ransomeware attack

    I've never used Bacula for a number of reasons. Mainly the way the backups are stored.

  9. #19
    Join Date
    Mar 2006
    Location
    Slipery Slope, Earth
    Beans
    745
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: ransomeware attack

    Hi TheFu,

    What software would you recommend for pulling backups from my laptop the the raspberry pi 4b that I'll use as a secure backup server?

    Thanks,
    Old

    ps. Saw one of your comments in another thread. All members of my family had their data taken in the 2015 OPM data breach, also. When that happens to you, the need for privacy and security has special urgency. It's among the reasons for the project we are talking about now.

  10. #20
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: ransomeware attack

    I use rdiff-backup with LVM snapshots. That selection was made after testing many other options years ago. I can see it has been used here since at least 2014.
    Code:
    drwxr-xr-x  8 root root  4096 Apr 10  2014 rorlap/
    I moved from using rsync with hardlinks after getting burned with some undesirable limitations of that technique where the backup sets lose the owner, group, permissions, ACLs and xattrs if those change. Only the latest metadata is retained. Boooo. Backups that don't capture file metadata are a failure. The actual data is only 50% of what we need.

    There are lots of backup tools. The one I chose isn't the best for every situation. Do some testing your self with 3-5 different tools. Do some restores. See which work for the 3 types of restores we all need. Check the performance for initial backups and for the versions. And be certain to backup /etc/ in your testing, so you can easily validate that different userids are retained in the method picked. Any backup that doesn't include at least 15-25 files from /etc/ is a failure in my book. I grab the entire directory, though I only need 15-25 files which are specific to the system. Many files are just for reference later and won't actually be restored.

    Are you planning to encrypt the storage under the backup location or will you be trusting the backup tool to encrypt for you?

Page 2 of 4 FirstFirst 1234 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •