Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


evnafets

205 posts

Master Geek

Lifetime subscriber

#197959 20-Jun-2016 09:59
Send private message

I was incidentally involved in a Cryptolocker attack over the weekend.  The encrypted files on the infected computer were transferred to mine via Shared Dropbox folder.  While I'm pretty sure there is no immediate direct threat, it was a reminder to revise my backup plan for if it ever DOES happen to me.  

 

I recently bought a Synology Disk Station DS216E, with a couple of Seagate 2TB hard drives to use as a media library, but figured I could also do some basic backups to it as well. 

 

Tried a couple of backup strategies: 

 

- Synology Cloud Station Backup (It had backup in the title, I thought it would be suitable)
- Easus Todo Backup Free version

 

My main issue right now:  Neither strategy seemed to get above 10-12MB/s transfer rate from computer to NAS.  And sometimes slower. 

 

It's going to take hours to do a backup at this rate.  

 

The Cloud Station Backup option was causing 100% CPU usage on the NAS, so I thought that might be the cause.  Also I discovered that this program is an "real time" backup which isn't really appropriate for protecting against Cryptolocker attacks :-)  Hence I tried the second option of the Easus Todo Backup.  The CPU usage went down, but it also seemed to hit the same speed limit of about 12MB/s. I left it for a few hours, but it failed midway for network related issues (not sure what, I wasn't home at the time) 

 

My setup: 

 

Have a standard Spark Router - Thompson TG585 ADSL Modem/Router - pretty sure this only supports 100MB/s network. 
Both Computer and NAS are connected to the router at 100MB/s (confirmed from control panels)
I was monitoring the transfer rate from the Synology NAS interface. 

 

I have found some good advice in this thread: http://www.geekzone.co.nz/forums.asp?forumid=50&topicid=195814 for a few things to try, but I thought I'd do a sanity check as well

 

Even given that I'm not on a Gigabit network, surely it should be able to transfer faster than the 12MB/s I am seeing? 

 

Any other backup strategy advice will be gratefully accepted if you want to pitch in with your opinions :-)

 

thanks,

 

evnafets


Filter this topic showing only the reply marked as answer Create new topic
shk292
1976 posts

Uber Geek

Lifetime subscriber

  #1576924 20-Jun-2016 10:09
Send private message

Part of the problem is you're mixing up bits per second (bps) and bytes per second (Bps)

 

A one hundred megabit per second LAN (100 Mbps) will only support 12 Megabytes per second (12 MBps) because there are 8 bits per byte


evnafets

205 posts

Master Geek

Lifetime subscriber

  #1576932 20-Jun-2016 10:15
Send private message

And that would answer my question :-)

 

That capital B makes a big difference.  

 

 


 
 
 
 


1101
2318 posts

Uber Geek


  #1576940 20-Jun-2016 10:31
Send private message

evnafets:

 

I was incidentally involved in a Cryptolocker attack over the weekend.  The encrypted files on the infected computer were transferred to mine via Shared Dropbox folder.  While I'm pretty sure there is no immediate direct threat, it was a reminder to revise my backup plan for if it ever DOES happen to me.  

 

 

 

 

Crypto will also attack your backups & shares,syncs you have access to (network files, dropbox etc), if the NAS/backup etc is left connected to the PC .

So just plan/allow for that . You would want a backup that WILL be disconnected from the system : eg multiple USB HD's . Or a cloud backup/sync that keeps previous
versions of the files, so you can go back a week/month & restore those cloud synced files .


jnimmo
What does this tag do
1041 posts

Uber Geek

Subscriber

  #1576947 20-Jun-2016 10:48
Send private message

I always make sure to setup separate credentials for NAS backups - i.e. setup a backup account which should be the only account with write access to your backup directory on the NAS.

 

Then put these credentials into whatever backup software. Sure it doesn't guarantee malware couldn't find these credentials and encrypt the backups on the NAS, but makes it much harder than just being able to connect to a mapped drives with the users default credentials.

 

 

 

 


evnafets

205 posts

Master Geek

Lifetime subscriber

  #1577007 20-Jun-2016 11:50
Send private message

Good thoughts guys.

 

I actually have done exactly what jnimmo suggested - created a "backup" user who was the only one with write access to the share. 

 

I was thinking of creating a big backup (disk images or some such) to be stored offline as the "last resort", and then regularly doing smaller backups of just important/working files to the NAS.  Will have to look into options around keeping the "history" 

 

 

 

 


linw
2260 posts

Uber Geek

Subscriber

  #1577192 20-Jun-2016 15:28
Send private message

jnimmo:

 

I always make sure to setup separate credentials for NAS backups - i.e. setup a backup account which should be the only account with write access to your backup directory on the NAS.

 

Then put these credentials into whatever backup software. Sure it doesn't guarantee malware couldn't find these credentials and encrypt the backups on the NAS, but makes it much harder than just being able to connect to a mapped drives with the users default credentials.

 

 

 

 

 

 

Now, why didn't I think of that! Thanks for the nudge. Agreed, it is not perfect but it is better than using my main account.

 

I'm mindful of the ransomware threat after a friend got caught out. Macrium image files were encrypted on the USB drive.  

 

I have a separate USB drive in the safe to at least have a fallback of last resorts.

 

There needs to be a system available that can take a USB drive offline while it is still connected but still allow a backup program to start it up with a password or similar security feature. You might say, just switch the USB on before the backup but the great unwashed just can't be relied on to do this regularly. Certainly, my elderly friend who asked the ransomware onboard couldn't do this.

 

There is an opening here. Any bright ideas, folks?


MadEngineer
2207 posts

Uber Geek

Trusted

  #1577259 20-Jun-2016 16:44
Send private message

I have my nas box pulling data off my PC to backup with any file changes archived so I can revert any changes. Similar to time machine or file history. This is a must have feature of backups. Backups and archives/versions are not shared so can't be touched by viruses.

 
 
 
 


jnimmo
What does this tag do
1041 posts

Uber Geek

Subscriber

  #1577274 20-Jun-2016 16:59
Send private message

The key is to have another backup of the important stuff too, you could kick it down but still doesn't stop a fire or flood destroying it.. Upload all your photos to Flickr or use an online backup.. I don't think I have anything Id miss too much

I like the idea about the NAS pulling from the computer instead of pushing to the NAS, clever way to avoid tampering!

CYaBro
3343 posts

Uber Geek

Subscriber

  #1577290 20-Jun-2016 17:29
Send private message

Veeam Endpoint backup has the option to "disconnect" a USB drive after the backup has completed, however it requires someone to physically unplug it and plug it back in again for the next backup to run.

 

But that does add some protection from the viruses as they won't see the USB drive once a backup has finished.

 

 


linw
2260 posts

Uber Geek

Subscriber

  #1577529 21-Jun-2016 09:47
Send private message

Quote:- "however it requires someone to physically unplug it and plug it back in again for the next backup to run."

 

Therein lies the problem! Thanks for the input, though.

 

Yes, NAS pull rather than push is a great idea.


jnimmo
What does this tag do
1041 posts

Uber Geek

Subscriber

  #1577531 21-Jun-2016 09:49
Send private message

You could have a wifi controlled relay on the USB drive power supply.. scheduled task to turn the drive off after backup job and on before it..

 

But if there was any malware on the system it would probably just see the drive get mounted at that stage and deal with it then, so might not be any safer.


Filter this topic showing only the reply marked as answer Create new topic





News »

Huawei launches IdeaHub Pro in New Zealand
Posted 27-Oct-2020 16:41


Southland-based IT specialist providing virtual services worldwide
Posted 27-Oct-2020 15:55


NASA discovers water on sunlit surface of Moon
Posted 27-Oct-2020 08:30


Huawei introduces new features to Petal Search, Maps and Docs
Posted 26-Oct-2020 18:05


Nokia selected by NASA to build first ever cellular network on the Moon
Posted 21-Oct-2020 08:34


Nanoleaf enhances lighting line with launch of Triangles and Mini Triangles
Posted 17-Oct-2020 20:18


Synology unveils DS16211+
Posted 17-Oct-2020 20:12


Ingram Micro introduces FootfallCam to New Zealand channel
Posted 17-Oct-2020 20:06


Dropbox adopts Virtual First working policy
Posted 17-Oct-2020 19:47


OPPO announces Reno4 Series 5G line-up in NZ
Posted 16-Oct-2020 08:52


Microsoft Highway to a Hundred expands to Asia Pacific
Posted 14-Oct-2020 09:34


Spark turns on 5G in Auckland
Posted 14-Oct-2020 09:29


AMD Launches AMD Ryzen 5000 Series Desktop Processors
Posted 9-Oct-2020 10:13


Teletrac Navman launches integrated multi-camera solution for transport and logistics industry
Posted 8-Oct-2020 10:57


Farmside hits 10,000 RBI customers
Posted 7-Oct-2020 15:32









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.