Author |
Message |
Intex Guest
|
Posted: Wed Oct 05, 2016 11:38 am Post subject: Read Only after Copy against cryptoware |
|
|
I use ViceVersa to backup my files from one host to another (using mirror source to target). However, as there is always a driver mapped from the source to the destination, if the source becomes infected with a virus/malware, then mapped network drive data could also become compromised.
Is there any easy way to set folders/files as read only once they have been copied? |
|
Back to top |
|
|
TGRMN Software Site Admin
Joined: 10 Jan 2005 Posts: 8763
|
Posted: Thu Oct 06, 2016 1:23 am Post subject: |
|
|
Hi, are you worried about ViceVersa copying files that are infected to the target folder or the virus itself the infecting target files (the mirror)? thanks _________________ --
TGRMN Software Support
http://www.tgrmn.com
http://www.compareandmerge.com |
|
Back to top |
|
|
Guest
|
Posted: Thu Oct 06, 2016 8:47 am Post subject: |
|
|
If i get a virus/malware that encrypts files for instance, then I need the target data to be protected, i.e. vice versa won't overwrite the files in the target which aren't encrypted yet.
It would seem like i need to run a script before the automated sync I have daily to change the folders/files from read only to read/write, sync the files and then another script to flag everything as read only afterward? |
|
Back to top |
|
|
TGRMN Software Site Admin
Joined: 10 Jan 2005 Posts: 8763
|
Posted: Thu Oct 06, 2016 9:31 am Post subject: |
|
|
The problem is that cytpoware will encrypt all files it can find (and also in the backup) if it can find them. To mitigate the issue, make a backup that is not kept online (e.g. updated only once a week, like a detachable USB drive) and also have multiple copies in multiple locations.
Also you can activate archiving for overwritten and deleted files in ViceVersa: http://www.tgrmn.com/web/kb/item22.htm _________________ --
TGRMN Software Support
http://www.tgrmn.com
http://www.compareandmerge.com |
|
Back to top |
|
|
Guest
|
Posted: Fri Oct 07, 2016 6:37 am Post subject: |
|
|
OK, however it was my understanding that if the files and folders are marked as read-only, the crypto-ware types can't actually overwrite them unless they are changing the read only attributes as part of its process? |
|
Back to top |
|
|
TGRMN Software Site Admin
Joined: 10 Jan 2005 Posts: 8763
|
Posted: Fri Oct 07, 2016 12:52 pm Post subject: |
|
|
Changing the read-only attribute for files is very easy. Any program can do very easily. What can't be changed is NTFS permissions. For instance if you have your backup on a NTFS drive and make it exclusively access to a specific backup user that you create ad-hoc (and no other account ca access it), then the crypto-ware can't access it if it's running under another account. And you can run ViceVersa under that specific account which has access to the target. _________________ --
TGRMN Software Support
http://www.tgrmn.com
http://www.compareandmerge.com |
|
Back to top |
|
|
|