Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Backed up, lately ? - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Backed up, lately ?

At first, when a pal of mine called to rant about the new tendency of his OS to go "hasta la Vista", I laughed. He is an IT professional, and a little swine flu in his computer is no big deal. Or so I thought. What started as an occasional hiccup on Thursday apparently turned into an unspectacular but complete Exitus on Friday: The computer simply didn't boot no more.

Of course we all know, often from individual experience, that a disk drive with a "mean time between failure" (MTBF) of indicated 500'000 hours is NEVER the one drive that we bought. Rather, we usually seem to get the "mean failure" version, whereas other people must be getting the "time between".

Nevertheless, this apparently hasn't taught us to be diligent with our backups. As far as backups of data on personal PCs go, most people are either in the "ignorant and negligent" or "knowing and diligent" camps. The special corner of data loss hell, the "knowing but negligent" section, seems to be solely populated by IT and technology people.

It doesn't have to be you. Go buy that USB or eSATA drive, and get that copy made TODAY.

 

Daniel

367 Posts
ISC Handler
Ain't that the truth...the main 'kids and wife' laptop ate it's hard disk yesterday -- that gut wrenching "click, CLUNK" repeating sound. I had a spare drive laying around, so the computer is back up and running...but backups have always been sporadic on this box, meaning the last useful one we have is from JULY.

The sad irony is that a more recent backup was available, but it was on an external drive that I had chosen to "repurpose" just last week...and had done a full zero-byte-overwrite-erase to be 'secure'. ACK!

Needless to say, a few people are pissed of at ME for not having copies of their documents...despite everyone having their own flash drive for important stuff ... Time to get a regular "when the power is on files are being copied somewhere else" backup in place for the rebuilt laptop!
Anonymous
A lot of times it's not wanting to do backups, it's not knowing what to back up or having an automatic way to do so.

GFI has released a free product called GFI Home BAckup available at http://www.gfi.com/backup-hm that is working nicely for my family and friends.
Anonymous
Not a free product, but Windows Home Server makes backups easy. Nighly backups of all computers on your network. Boot from a CD to restore.

It also serves as a media server...
Anonymous
I back up my desktop and laptop devices to my server (an old Compaq 3000 that I got for $500), and I back it up to my desktop - both weekly. I also use an encrypted thumb drive for 'special files', and things that change frequently. So far (crossed fingers) I haven't had to use them...

There are many online backup systems available (carbonite, etc), and they seem to work pretty well. Automated backups to secure Internet storage sounds great, but I question just how 'secure' they really are. Wouldn't this be a great way to steal millions of petabytes of data from unsuspecting consumers (and getting paid to do it, no less)? Anyone have any experience with these systems?
Lee

21 Posts
I share your suspicions. Organizations who want to gather intelligence can do a lot worse with their ample money than to set up a firm that offers "encrypted" online backups. No matter how many rounds of their "secure 4096bit encryption" is applied - these solutions won't fly for me without giving me full unrestricted control (incl open source) of any encryption process involved.
Daniel

367 Posts
ISC Handler
Agree!
Was the information sniffed before or after encryption?
Algis

5 Posts
I tend to use the easiest route. I have a batch file that calls Robocopy to back stuff up to an external hard disk drive.

Recently, I have discovered I need to buy a bigger external drive as I take way too many digital photos with my camera.
Jasey

93 Posts
Does anyone know of a 3rd-party backup/restore Windows application that work with external backup storage disk enclosures and that will start a manual backup when you press the physical button on the external backup storage disk enclosure WITHOUT having an account logged into the desktop of the Windows computer? All of the external backup storage disk enclosure manufacturer applications seem to require you to be logged into your Windows desktop as the administrator and usually require you to interact with the software application that pops up on the desktop.

Also, I want to use online backups, but I'm also too concerned about privacy of storage on another company's servers. I've consulted the legal industry about this, but they're behind the times technically and don't have a concrete secure recommendation. They seem to want everything to go to court first.
Jasey
2 Posts
take a look into rsync for copying to mounted or networked filesystems. I do not know how effective it is for going from a non-logged-in box in particular, but it ought to be fine - it's heavily scriptable. the more interesting part in Win is getting the filesystem mounted if you're not logged in. For a simple USB enclosure this probably isn't an issue. For a NAS of some sort (ie drobo, synology, possibly win home server) it's more of an issue. There are tricks you can do, particularly if you're able to mount it via NFS.

Once you've got that going, you need to figure out what the button actually does. Unfortunately, in many of these systems, the button does not do any kind of true event generation but is like a hotkey on a keyboard launching an app. I do not know if that app is willing to try to launch if you're not logged on. If it is, of course, you can redirect the button to your script.

As far as the remote backup / trusting their encryption goes - why not encrypt your backups yourself, to a local folder, and upload that folder to the hosting service? You'll save a lot of bandwidth that way - most good encryption compresses as well. You will want your private keyrings burned to cd-r and in a safety deposit box and otherwise stored only on an encrypted thumb drive, but if you're really as concerned as you say you are, those steps have already been taken.
peter

17 Posts
I have been using Crash Plan Pro, which was designed to grab important data (you configure) when the machine is on a network. You can use the online storage for a fee (free trial is available on the website) or you can "send to a friend". I have my desktops backing up to each other, the laptops backing up to the server, and the server backing up to an external drive.

Still playing with it, and have not had to *knock on wood* recover, but it's free and fast. And I know who is looking at my data.

Does anyone know of an exchange aware inexpensive block level backup app?
peter
1 Posts
I've been using Storagecraft Shadowprotect. They have desktop, server, even 'sandbox' versions. I've used it for several years, wouldn't think of anything else, and I've tried many. Put this with an ioSafe fireproof usb and you're good to go.
peter
1 Posts

Sign Up for Free or Log In to start participating in the conversation!