[ale] how do I make a virus proof nas?

Jeff Hubbs jhubbslist at att.net
Tue Jan 8 22:48:53 EST 2013


I have done this.  Eight-core Samba server with RAID 1+0 with the mirror 
pairs split among two SAS controllers.  ClamAV could scan it at over 
200MiB/s.

On 1/8/13 9:46 PM, Chuck Payne wrote:
> I have in the past set up clam av to scan it. I also have use the free
> version of AVG to scan it.
>
> On Tue, Jan 8, 2013 at 9:24 PM, Ron Frazier (ALE)
> <atllinuxenthinfo at techstarship.com> wrote:
>> Hi Matthew,
>>
>> Upon re reading my post, I noticed that my description was a bit vague.  I'm
>> mainly worried about the potential of a virus on the client machines that
>> are being backed up.  I am pretty paranoid and take steps to prevent this.
>> However, say it happened.  So, the client gets a virus, the virus attaches
>> to the remote nas, and the virus deletes the partitions, etc.
>>
>> What you're describing sounds interesting but expensive.  I have a VERY
>> minimal budget at the moment.  How much would something like that cost not
>> including the hard drives?
>>
>> Also, what software would run on the client PC's and how would it talk to
>> the NAS?  How would we prevent things other than the backup software from
>> accessing the backup partition on the NAS in write mode?
>>
>> It would be OK if there was another partition that was accessible for
>> general data storage.
>>
>> Sincerely,
>>
>> Ron
>>
>>
>>
>>
>> On 1/8/2013 8:55 PM, Matthew wrote:
>>
>> I can build a centos 6 disc that should do that. you can look into a
>> dedicated NAS box, which usually has its own prop OS, or freenas/nas-lite.
>>
>> On building an OS, you will want to setup selinux, aide, anti-virus, etc.
>> and lock down the permissions. My scripts that I have for that, can help,
>> but if you go with something newer like fedora/ubuntu builds, I am not sure
>> they will. Setup PAM and other services to lock things down. Actually one of
>> my NAS systems here is a debian 6 box, but all others are custom built
>> centos. I do IA for a living, so that's why the heavy rhel background.
>>
>>
>> On Tue, Jan 8, 2013 at 8:31 PM, Ron Frazier (ALE)
>> <atllinuxenthinfo at techstarship.com> wrote:
>>> Hi all,
>>>
>>> I'm considering making a mini nas to run backups on here at home.  It
>>> would probably have 2 - 4 TB of storage.  My router has 1 USB port, so I
>>> could just attach a HDD to that.  Or, I could get something like a Buffalo
>>> Link Station which holds two drives and attaches to the router.
>>>
>>> The main concern I've always had about having backup media attached all
>>> the time is that, if a virus got into the machine, it could attack and wipe
>>> out the backup drive.
>>>
>>> So, I need to know how to make a virus proof nas, such that at least one
>>> partition on the device is accessible only  to the backup software for write
>>> mode.  I don't care if everything can read the backup file, but I only want
>>> the backup software to be able to add new files, write to them, or delete
>>> them.
>>>
>>> I need something that can run while Windows 7 is running and backup using
>>> the volume shadow copy service.  I also need it to be able to back up the
>>> ext4 Ubuntu partition on the PC's HDD, either by reading the native file
>>> system or by using a sector by sector approach.  This way, I can just let
>>> the backups run periodically on their own and not worry about malware
>>> affecting the backup.
>>>
>>> Any help is appreciated.
>>>
>>> Sincerely,
>>>
>>> Ron
>>>
>>>
>>> --
>>>
>>> Sent from my Android Acer A500 tablet with bluetooth keyboard and K-9
>>> Mail.
>>> Please excuse my potential brevity.
>>>
>>> (To whom it may concern.  My email address has changed.  Replying to
>>> former
>>> messages prior to 03/31/12 with my personal address will go to the wrong
>>> address.  Please send all personal correspondence to the new address.)
>>>
>>> (PS - If you email me and don't get a quick response, you might want to
>>> call on the phone.  I get about 300 emails per day from alternate energy
>>> mailing lists and such.  I don't always see new email messages very
>>> quickly.)
>>>
>>> Ron Frazier
>>> 770-205-9422 (O)   Leave a message.
>>> linuxdude AT techstarship.com
>>>
>>>
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org
>>> http://mail.ale.org/mailman/listinfo/ale
>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>> http://mail.ale.org/mailman/listinfo
>>
>>
>>
>> --
>> SimonTek
>> 912-398-6704
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>>
>>
>> --
>>
>> (To whom it may concern.  My email address has changed.  Replying to former
>> messages prior to 03/31/12 with my personal address will go to the wrong
>> address.  Please send all personal correspondence to the new address.)
>>
>> (PS - If you email me and don't get a quick response, you might want to
>> call on the phone.  I get about 300 emails per day from alternate energy
>> mailing lists and such.  I don't always see new email messages very
>> quickly.)
>>
>> Ron Frazier
>> 770-205-9422 (O)   Leave a message.
>> linuxdude AT techstarship.com
>>
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>
>



More information about the Ale mailing list