[ale] how do I make a virus proof nas?

Ron Frazier (ALE) atllinuxenthinfo at techstarship.com
Wed Jan 9 11:22:53 EST 2013


Hi Brian, and Jim, and others,

The technical info you shared is very cool.  I'm trying to get my brain around the methodologies you described.  The basic core concept is that the client doesn't have write access to the backup system.  I'm trying to figure out a method which would work at home with minimal expense and complexity.

Here's an idea I came up with, although it would require more hard drive space.

Let's assume:

1) that my clients are running Windows (as they generally, but not always, are)
2) that I'm using commercial backup software like Acronis, Paragon, or Terabyte Unlimited, which is very capable but perhaps not very scriptable
3) that the clients are running firewalls which I don't necessarily want to open ports in
4) that I don't necessarily want the clients sharing their hard drives on a peer to peer basis
5) that the nas box can make available different folders or partitions to the clients with different passwords for each
6) that the clients have av running periodically and I will be notified of any viri that are detected
7) that I want to do a full image backup of the client weekly with differential backups daily

The reason for 3) and 4) is that having the clients with open ports or shared drives increases the possibility that a virus could spread from peer to peer on the network.

I will acknowledge in advance that this could get very complicated with more computers.  So, here's what would happen.  Let's say client 1 is set to do its image backup on Monday, client 2 on Tuesday, client 3 on Wednesday, and client 4 on Thursday.  On Monday, client 1 runs its backup software and produces an image file which is, say, 350 GB.  It saves this image file in a public folder on the nas which is a staging area.  It would be better if that client only has access to that particular folder.  Once the image file is saved properly, a process kicks off on the nas box which moves that image file to a private folder or partition that only the nas has access to.  This is the permanent storage area.

So, every day, each client either uploads an image backup file or a differential backup file to the nas.  The nas takes these files and moves them to a restricted storage area and deletes them from the staging area.  Scripts on the nas would manage the space in the storage area and delete old backups when new ones come in sort of like your dvr does with shows.

I specifically want image backups and not just file backups.  If I ever have to do a restore, I want to do the restore and have the client computer back to its exact state as of the backup day, without having to reinstall and reconfigure the OS and applications.  At the very least, I would want one image backup per month, which is what I try to do by hand now.

The main problem I see with this is the storage space.  Let's say that one week's image and one week's diff files take up 500 GB.  I have 4 clients, so I need 2 TB of storage per week.  If I want to have 4 weeks of extra historical backups in case one is corrupted or I back up a virus, etc., then I would need 10 TB of storage.

This appears to be getting complex and expensive fast.

In any case, what do you think?

Sincerely,

Ron



Brian MacLeod <nym.bnm at gmail.com> wrote:

>On Tue, Jan 8, 2013 at 8:31 PM, Ron Frazier (ALE)
><atllinuxenthinfo at techstarship.com> wrote:
>>
>> The main concern I've always had about having backup media attached
>all the time is that, if a virus got into the machine, it could attack
>and wipe out the backup drive.
>
>
>Always a possibility unless clients have absolutely NO write
>privileges. That means adding new files, writing to old, or deletions.
>
>
>> So, I need to know how to make a virus proof nas, such that at least
>one partition on the device is accessible only  to the backup software
>for write mode.  I don't care if everything can read the backup file,
>but I only want the backup software to be able to add new files, write
>to them, or delete them.
>
>
>If it is writeable by the client, it will never be virus proof.  This
>is part of the reason the massive backup infrastructure that I
>maintain for the compute clusters at work don't work this way.  The
>clients have no write capability to the backup servers. Ever. The
>backup servers call the storage units and get copies of stuff instead.
> It still means I might be backing up a virus, but that virus on the
>client will NOT destroy client backups.
>
>
>> I need something that can run while Windows 7 is running and backup
>using the volume shadow copy service.  I also need it to be able to
>back up the ext4 Ubuntu partition on the PC's HDD, either by reading
>the native file system or by using a sector by sector approach.  This
>way, I can just let the backups run periodically on their own and not
>worry about malware affecting the backup.
>
>
>Well, can't help you with that then, because I do do Windows anymore,
>so I'm not exactly sure I know what that shadow copy stuff is.  But I
>have a feeling it doesn't enable what I described above about a backup
>server initiating the work.  And frankly, I'd probably rather
>remain ignorant of those facts because my recent family/holiday time
>was so much more enjoyable since I could honestly I don't know how to
>run these versions of Windows.  I probably could grasp it, but I like
>being stupid in this case.
>
>The Ubuntu thing -- piece of cake.  First ideas are LVM snapshots
>which your backup machine calls in to get, or, backup machine uses LVM
>to create daily snapshots of itself after a daily rsync of important
>filesystems.
>
>Oh, and make the backup machine be only a backup machine.  No
>browsing, no tasking of other things that could get it in trouble.  I
>don't what other safe guards you have for browsing experience.  Just
>don't do it.
>
>That's the only way you get to "virus proof" (and even then it still
>isn't). That, or you have machine that never talks to another machine.
> But that's not exactly useful in this case.
>
>bnm


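The staging-to-storage process described in the message above, sketched as an added example that is not part of the original post or thread. The function names, the quiet period, the minimum-keep count and the file names are assumptions; the four-week retention comes from the post.

```python
import os, shutil, stat, time
from pathlib import Path

QUIET_SECS = 600   # assumed: an upload must be untouched this long before it is moved
KEEP_DAYS = 28     # four weeks of history, as in the post
MIN_KEEP = 2       # assumed: never prune below this many backups per client

def sweep(staging: Path, vault: Path, client: str, now: float) -> list[Path]:
    """Move finished uploads from the client-writable staging folder into the vault."""
    dest_dir = vault / client
    dest_dir.mkdir(parents=True, exist_ok=True)
    stamp = time.strftime("%Y%m%dT%H%M%S", time.gmtime(now))
    moved = []
    with os.scandir(staging) as it:
        entries = sorted(it, key=lambda e: e.name)
    for entry in entries:
        st = entry.stat(follow_symlinks=False)
        if not stat.S_ISREG(st.st_mode):
            continue   # ignore symlinks, directories and devices left in staging
        if now - st.st_mtime < QUIET_SECS:
            continue   # the backup software may still be writing this file
        # The NAS picks the stored name, so an upload cannot reuse the name of
        # an older backup and replace it.
        dest = dest_dir / f"{stamp}_{entry.name}"
        if dest.exists():
            continue
        shutil.move(entry.path, dest)
        os.utime(dest, (now, now))   # arrival time set by the NAS, not the client
        os.chmod(dest, 0o400)        # read-only once inside the vault
        moved.append(dest)
    return moved

def prune(vault: Path, client: str, now: float) -> list[Path]:
    """Delete vault files older than KEEP_DAYS, always keeping the newest MIN_KEEP."""
    files = sorted((vault / client).iterdir(),
                   key=lambda p: p.stat().st_mtime, reverse=True)
    removed = []
    for p in files[MIN_KEEP:]:
        # Age-based, with a floor: a burst of new uploads cannot by itself
        # rotate every older backup out of the vault.
        if now - p.stat().st_mtime > KEEP_DAYS * 86400:
            p.unlink()
            removed.append(p)
    return removed
```

Both functions are meant to run on the NAS under an account that none of the client share logins map to, with the vault directory outside any exported share.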