Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 33

Thread: ransomeware attack

  1. #21
    Join Date
    Mar 2006
    Location
    Slipery Slope, Earth
    Beans
    734
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: ransomeware attack

    Hi TheFU:

    I had not thought about encryption.

    I can see from what you've written that perhaps the best thing for me is to try a few things to see what works for me.

    I thought Timeshift would be a good solution, but it wiped out my home directory. Then, ignoring my advice, a friend tried Timeshift, and it wiped out his home directory.

    Malware? Geeze!

    I think that in all my testing one main thing is to have a back or copy elsewhere if things really go wrong.

    Getting Older

  2. #22
    Join Date
    Oct 2004
    Location
    Albuquerque New Mexico, U
    Beans
    1,171
    Distro
    Ubuntu Development Release

    Re: ransomeware attack

    *** withdrawn ***
    Last edited by rbmorse; 1 Week Ago at 12:40 AM.
    regards

  3. #23
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: ransomeware attack

    Lots of people seem to love Timeshift, so there is probably something that you've missed. Timeshift appears to work in very different modes depending on the underlying file system, so perhaps it isn't a great solution for everyone or for system-level backups? IDK. Doesn't timeshift prefer btrfs?

    The way I see it, if a backup solution recommends that some other backup tool be used for the system backups, then why use 2 different tools when there are lots of 1 tool, full solution, answers available?

    I'm probably oversimplifying. No tool is perfect and people tend to like what they get working without too much trouble. In my testing, I got most of the backup tools working, but was disappointed with other aspects. Some were terribly slow, not just the first run, but the 2nd - 10th runs too.

    rdiff-backup isn't perfect either. Encryption is outside the tool, which is a negative for kitchen-sink loving tool people. I prefer to control the encryption used, I WANT to know the details so I don't have to trust a single team who probably isn't expert at encryption. OTOH, if I were pushing backups to storage that I didn't fully control - like Glacier or Box or some other cloudy service, then I'd probably want encryption in the backup tool. I don't do that. I have trust issues.

    Between 20.04 and prior releases, the version of python changed from python2 to python3. While the rdiff-backup code didn't change much and the backup storage areas are 100% binary compatible between the two python versions, the client/server architecture of rdiff-backup and python's serialization code vastly changed between python2 and 3. They don't work together at all. So, if you have all older systems, great. If you have all newer systems (20.04+), great. If you have a mix of systems - well --- er ... that's a problem. I ported the older python2 stuff and rdiff-backup to 20.04 along with the required dependencies. My 20.04 backup clients all run my rdiff-backup code. When over 50% of my system are on 20.04 or newer releases, then I'll move the backup server to 20.04 and switch to the new python3 version.
    To support the older python2 versions, I may need to create a linux container with access to the storage for those older systems.
    I suppose I could have created a linux container to support python3 for the newer systems. Hummmmm.

    Maybe check out Borg Backup too?

    Lots of options. We like options, right?
    Last edited by TheFu; 1 Week Ago at 03:08 AM.

  4. #24
    Join Date
    Mar 2006
    Location
    Slipery Slope, Earth
    Beans
    734
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: ransomeware attack

    Yeah. I like opinions. It helps people think.

    I'm gonna try a few things and see how they work out. I'll have another look at Timeshift. It is definately EASY.

    Thanks for your thoughts. It'll be a fun project.

    Old

  5. #25
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: ransomeware attack

    Just out: https://www.howtoforge.com/how-to-ba...-dup-in-linux/
    I didn't read it.

    Deja Dup checks all the boxes for ideal backups, including encryption, except it isn't "pulled" and access to the most recent backups requires using Deja Dup to access. Deja Dup is in the same family as duplicity and duplicati backup tools.

    Probably worth searching for Deja Dup failures before deciding. There seem to be a number of those. No backup solution should be trusted until after the 3 types of restores have been fully tested. Don't believe what others claim online. Test the restores yourself BEFORE you need them.

  6. #26
    Join Date
    Mar 2006
    Location
    Slipery Slope, Earth
    Beans
    734
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: ransomeware attack

    Hi The Fu:

    Tx again for your advice. Completely agree with not taking anybody's word for it and verifying that restoring backups correctly is the only acid test for the adequacy of backup system.

    Also, seem like everything on a backup computer should be encrypted.

    In fact, I'm thinking about reinstalling 20.04 on my main computer ... with encryption. Not having it encrypted is where my headaches start, anyway.

    However, how would I back up an encrypted system?

    Old

  7. #27
    Join Date
    Mar 2006
    Location
    Slipery Slope, Earth
    Beans
    734
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: ransomeware attack

    Here is ancient advice on how to backup an encrypted system at: https://askubuntu.com/questions/1155...isk-encryption

    plz see my reply below...

  8. #28
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: ransomeware attack

    LUKS encryption only matters when the system is powered off. When powered on, with the LUKS container "open" there is no encryption, so it is just like any other storage for backup ... and attacks.

    Encryption is about shipping a HDD in for warranty support or selling it to someone else used or if someone steals it, provided the system is completely shut down. It keeps those other people out of the data. When powered or in standby mode, encryption doesn't matter.

  9. #29
    Join Date
    Mar 2006
    Location
    Slipery Slope, Earth
    Beans
    734
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: ransomeware attack

    WOW!

    That's pretty informative.

    For starters, I think I'll reinstall 20.04 with encryption, and then use crontab to schedule shutdowns each day.

    Next, I'll use 7pzip to encrypt and zip files that I want to "totally: protect while the computer is on... and ship that data off to a server in Switzerland.

    Then, I'll work on the backup plan for to a secure server, and put a copy of my system in a safe deposit box once a month, rotating several cheap HDs to cover that process for a very long time.

    The Cybersecurity and Infastructure Security Agency (CISA) has published an important article that provides me more to think about: https://us-cert.cisa.gov/ncas/tips/ST19-001

    Old

  10. #30
    Join Date
    Mar 2011
    Location
    U.K.
    Beans
    Hidden!
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: ransomeware attack

    "and ship that data off to a server in Switzerland."

    Tresorit? .. now, apparently, part of Swiss Post.

Page 3 of 4 FirstFirst 1234 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •