Forum Index  ViceVersa HOME         FAQ and Knowledge Base

 FAQForum FAQ   SearchSearch Forum  RegisterRegister 
 ProfileProfile   Log inLog in 

Read Only after Copy against cryptoware

 
Post new topic   Reply to topic     Forum Index -> Support
Author Message
Intex
Guest





PostPosted: Wed Oct 05, 2016 11:38 am    Post subject: Read Only after Copy against cryptoware Reply with quote

I use ViceVersa to backup my files from one host to another (using mirror source to target). However, as there is always a driver mapped from the source to the destination, if the source becomes infected with a virus/malware, then mapped network drive data could also become compromised.

Is there any easy way to set folders/files as read only once they have been copied?
Back to top
TGRMN Software
Site Admin


Joined: 10 Jan 2005
Posts: 8763

PostPosted: Thu Oct 06, 2016 1:23 am    Post subject: Reply with quote

Hi, are you worried about ViceVersa copying files that are infected to the target folder or the virus itself the infecting target files (the mirror)? thanks
_________________
--
TGRMN Software Support
http://www.tgrmn.com
http://www.compareandmerge.com
Back to top
Guest






PostPosted: Thu Oct 06, 2016 8:47 am    Post subject: Reply with quote

If i get a virus/malware that encrypts files for instance, then I need the target data to be protected, i.e. vice versa won't overwrite the files in the target which aren't encrypted yet.

It would seem like i need to run a script before the automated sync I have daily to change the folders/files from read only to read/write, sync the files and then another script to flag everything as read only afterward?
Back to top
TGRMN Software
Site Admin


Joined: 10 Jan 2005
Posts: 8763

PostPosted: Thu Oct 06, 2016 9:31 am    Post subject: Reply with quote

The problem is that cytpoware will encrypt all files it can find (and also in the backup) if it can find them. To mitigate the issue, make a backup that is not kept online (e.g. updated only once a week, like a detachable USB drive) and also have multiple copies in multiple locations.
Also you can activate archiving for overwritten and deleted files in ViceVersa: http://www.tgrmn.com/web/kb/item22.htm
_________________
--
TGRMN Software Support
http://www.tgrmn.com
http://www.compareandmerge.com
Back to top
Guest






PostPosted: Fri Oct 07, 2016 6:37 am    Post subject: Reply with quote

OK, however it was my understanding that if the files and folders are marked as read-only, the crypto-ware types can't actually overwrite them unless they are changing the read only attributes as part of its process?
Back to top
TGRMN Software
Site Admin


Joined: 10 Jan 2005
Posts: 8763

PostPosted: Fri Oct 07, 2016 12:52 pm    Post subject: Reply with quote

Changing the read-only attribute for files is very easy. Any program can do very easily. What can't be changed is NTFS permissions. For instance if you have your backup on a NTFS drive and make it exclusively access to a specific backup user that you create ad-hoc (and no other account ca access it), then the crypto-ware can't access it if it's running under another account. And you can run ViceVersa under that specific account which has access to the target.
_________________
--
TGRMN Software Support
http://www.tgrmn.com
http://www.compareandmerge.com
Back to top
Display posts from previous:   
Post new topic   Reply to topic     Forum Index -> Support All times are GMT
Page 1 of 1

 
Jump to:  
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © phpBB Group
Copyright © TGRMN Software. TGRMN Software products: