[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Hi folks, With the recent outbreak of CryptoLocker it got me thinking a bit more about backing up data and how to hopefully reduce the risk of losing data if a machine got infected (which hopefully wouldn't happen, but I guess it's one of those things that could accidentally be opened). I gather that CryptoLocker not only encrypts and deletes files on local hard drives and USB sticks but also on shared network drives (not sure about Cloud storage too like Dropbox etc that uses a special folder and syncs data). Other than running daily backups of PCs and servers, I wondered if there was anything at the filesystem level that could be done to say take regular snapshots or backups which were then made read only (so any changes saved were saved into a fresh copy)? I have briefly read up on Copy On Write on BTRFS and ZFS this weekend (only very briefly though) and I wondered if this would be the solution. Am I right in thinking if a file is changed, the original data is kept and a copy is made with the changes so the original file always stays intact? What I'm thinking, is in the (hopefully unlikely) event that a machine did get hit by CryptoLocker, if any files on network shares were deleted or overwritten they would still be available on the file system to restore from a previous time (say an hour earlier) so that the file could be easily recovered (probably by an admin rather than end user). Rob -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq