But, why are you saying a good backup schedule isn’t helping your defense? If you can restore to a known pre-incident state, at least you’ve limited your loss. At least losing a few hours of data from the backup delta is better than losing months. My current backup strategy is this: 1. Concurrent backup maintained offsite 2. Nightly backup on site. 3. Once per day backup pulled via rsync to an NAS that’s read-only to the network. This drive maintains seven days of system data that nothing on the network can change. I’m seeing reports that the latest crypto malware has been seen encrypting disks and decrypting them on the fly for a while before triggering - if this waits 7 days to trigger then my backup scheme is DOA because the rsync NAS will have pulled corrupted copies. I’m thinking that it’s time to look at tape backups again. Regards, Edmund Cramp -- "There is no reason for any individual to have a computer in his home." - Ken Olson, President, Digital Equipment Corporation, 1977
_______________________________________________ General mailing list General@brlug.net http://brlug.net/mailman/listinfo/general_brlug.net