Jump to content
RESET Forums (homeservershow.com)
Al_Borges

Best Practices for Ransomware protection/recovery

Recommended Posts

Al_Borges

I help out an elderly neighbor  as her "sys admin"   - Well she just got whacked with ransomware

 

she clicked on a email and gave her administrator password -   she genuinely thought the email was from microsoft support

 

I constantly tell her not to click on email links but .......

 

Thought about not letting her have access to the administrator password but this has other support issues.  

 

fortunately , I had her set up with icloud ( she uses a iphone)  so she just had to have the machine nuked and OS reloaded.

she doesnt have any media except photos to speak of so she didnt lose anything. 

 

got me to thinking about how I am protected against this  and thought it would be worthwhile to have the community chime in on best practices. 

 

now for all of my personal and business  main files,   I use Crashplan -    well worth the 65 bucks a year.   ( I also deduct it as a business expense)   Will definitely protect against ransomware

 

I simultaneously upload to the cloud and a local device  ( much faster If I have to load in a bunch of data)

 

what is funny is that I have had to use it several times -   all of which where my fault -   once I deleted all our 2010 photos when I made a mistake when setting  up my wifes's  new computer

 

the problem was that I didnt realize it right away -   but crash plan keeps a  month of daily images and two semiannual images and all annual images , so I was able to recover the folder   about 9 months after I messed up.

 

I recently migrated to a QNAP TS 451+   NAS

 

one of the great things about  the QNAP NAS   is a feature called hybrid backup sync -  

 

for my media  ( about 3 TB)  I have it replicated on the NAS but with the hybrid backup sync it backs it up to a USB drive -  what is neat about this is that it mounts and dismounts the usb drive.   So the 99% of the time, the drive is not hooked up and is invisible.   Also the USB drive is not available  on the network so you have to access from the console of the NAS.

 

Also  none of the Clients on the NAS access thru the administrator account -   this is only accessed thru the QNAP interface

 

So this should remain out of the hands of the evil doers -  right ?

Share this post


Link to post
Share on other sites
oj88

Nothing special on my end. I have ESET Internet Security (formerly Smart Security) installed on all PCs at home since about 3 years ago. It does a good job catching phishing sites in emails as well as generally blocking access to questionable websites, among others.

 

My dad, now 70, quite frequently gets tricked into clicking links from legit-looking emails from his 'bank' or from downloading flash games, etc. I've more than once had to restore his laptop from backup because of the amount of malware he picks up. This stopped happening after I installed ESET for him. I would think that this would also help curb any chances of ransomware getting through.

 

On WHS2011, I've restricted all users to read-only access on all shared folders except the movies and TV shows folder (so they can add new materials to Plex). All Windows PCs are also backed up into this server. I use WinRoboCopy to backup important files (family pictures, videos, personal files, etc.) on WHS2011 to an HP N40L running XPEnology.

 

I'm happy as a clam.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now



×
×
  • Create New...