There’s a bunch of people in this thread, who seem a little bit too goofy to figure out that you were just asking how did defend against RansomWare basically find something that uses snapshots
Thanks man, I really appreciate it.
3-2-1-1-0 backup rule and you don't have to worry about randsomware. Can't encrypt what is offline.
Any advice on the '0' in practice? What's the best way to ensure the files are free of error?
we're talking about a diy nas or a sinology one?
Maybe you could try encrypting a volume that you will only use for backups and leave it unmounted when you aren’t using it?
Best way to configure a NAS is with backups.
Smart ill get a other NAS to backup the NAS then.
Assuming you actually want a NAS and not cold storage, I’d recommend at least some kind of raid to account for disk failure.
As for ransomware protection, one decent solution is snapshots and limiting every client to only be allowed access to their own backup directory, or a limited set of directories in general on the NAS, as well as no execution permissions in those directories.
If you’re concerned about the NAS being directly infected by a malicious user with direct access and execute permissions, the only real solution is offsite or cold storage backups.
Self-Hosted Main
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
For Example
- Service: Dropbox - Alternative: Nextcloud
- Service: Google Reader - Alternative: Tiny Tiny RSS
- Service: Blogger - Alternative: WordPress
We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.
Useful Lists
- Awesome-Selfhosted List of Software
- Awesome-Sysadmin List of Software