How many are running Networked Attached Storage (NAS) for your files?

[WildWestDesigns]

I am very anal about my backups as you can see, I have backups of my backups of my backups!

This is what people should be, especially with how this world is and the cloud is the new mainframe and our computers are just the new dummy terminal.

Usually I'm not this crazy about backups, but there is so much ransomware going on with everybody working from home, and our system is more exposed than I would like it because our sales reps insist on doing a lot of work from home.... So I overkill it.

Don't forget with it being tax season got Intuit phishing scams going on as well. Can make everything as protected as one can, but there is always the human element. I would imagine that that would also increase attacks across the board as well. Even as good as SSH is for instance, bad key management or even open ports of devices that people don't think about keep as updated and/or secure as well. I would use the term IoT here for said devices, but I think I would be using it more a much broader sense compared to some.

Sales rep people, I would never have direct access to the bulk of the files (even if they were at the store). At most they would have a separate pool to do their thing and anything that came in from their side to the main storage system would be scanned etc before it got in.

But both times we had ransomewhere we were retored within a day and it was a 100% complete backup.

Ideally, for me anyway, people should be at a stage of they get ransomware, wipe and reload. Now the wipe and reload could take quite a bit of time to do, but that should be it. Nothing else should be in consideration. That's where we are at, especially with everyone wanting always connected devices that transfer massive amounts of data to the cloud.

I will actually wipe and reload the OS and associated programs on a periodic basis as well. Nice thing is that it's all scripted, so at most that part is 20 minutes in total for install OS, install programs and update the system.

The owner of the company asked me why people end up paying the hundreds of thousands of dollars they ask for if it's so easy to recover from... I told him I was up until 5:00 in the morning getting us back up and running, and he was lucky that I am is anal as I am about backups otherwise we would have lost a ton of data because they managed to encrypt our acronis backup. They target the Enterprise level back up providers and somehow got that data, my guess is they don't even look for Google backup!

Probably just playing the odds.

 

[netsol]

Most of that is file storage, not critical holes... it would take years to restore over a network for sure!

I have restored from Google when we were ransomwared though. We run everything via VM, I have real-time backup at the file level as well as daily snapshots, and then the VM image is actually backed up daily for 7 days weekly and then quarterly so we keep roughly nine images backed up. I believe it's about 8 terabytes for a whole backup... So roughly 75 to 80 terabytes of that is for restoring.

We got ransomware twice. The last time was actually 2 weeks ago.. it's a night of work and most of that is restoring the unbacked up personal computers, restoring the servers takes about 2 to 3 hours but again it's only an 8 terabyte image.

I am very anal about my backups as you can see, I have backups of my backups of my backups!

This is just what is on the cloud. I just recently set up a true Nas VM but nobody has access to and it pulls its own backup of the VMS and file level as well, so we also have a local copy.

And of course isn't fully isolated from the network, but it's as isolated as it can be without unplugging it every night.

Usually I'm not this crazy about backups, but there is so much ransomware going on with everybody working from home, and our system is more exposed than I would like it because our sales reps insist on doing a lot of work from home.... So I overkill it.

But both times we had ransomewhere we were retored within a day and it was a 100% complete backup.

The owner of the company asked me why people end up paying the hundreds of thousands of dollars they ask for if it's so easy to recover from... I told him I was up until 5:00 in the morning getting us back up and running, and he was lucky that I am is anal as I am about backups otherwise we would have lost a ton of data because they managed to encrypt our acronis backup. They target the Enterprise level back up providers and somehow got that data, my guess is they don't even look for Google backup!

We pay the money for the ability to "spin up" the vm's for some large clients.
A company with $1,000,000 in merchandise going out daily can't wait days/weeks/months to recover
That doesn't even take into account, if you miss 1 delivery day, competitors swoop in & try to get large accounts to cancel contracts & switch suppliers. It can be tough playing in the big leagues

 

[ikarasu]

The only problem from restoring a full VM from the night before is the exploit they used to get in is also being restored.. and depending on which varient it is, you could have to go back months.

The one we just dealt with was Thanos. We did a quick VM restore so that production could keep on working and sales people can keep on entering orders (we still use a shitty local order system...) But there were still traces of the ransomware on it.

We then went to our weekly restore... Same thing. Monthly restore was ok.. but then of course we had to restore the barebones and then copy over all the files manually to get the system up to date. It looks like the malware sat there for a good few weeks before it decided to infect us... It of course did it on a Friday at 6 pm when no one was around... So it could do the most damage before we noticed it. When I got the alert from our monitoring software that it detected ransomware because all of a sudden a ton of encrypted files were being backed up... I came in on Sunday, and it was still encrypting individual PC's (which are just bare bones windows, easy to restore... But still a pain).

So they tend to bury themselves and wait... Making backups scary.

Were 90% sure they were getting in on our really old server 2000 install that runs our legacy software.... The software our old it department told me can't run on anything newer, and that I should never touch that server or things will go bad.

Well... Suffice to say I got everything running on our new server perfectly fine, and that servers now wiped clean. Getting rid of the outsourced it was the best move ever, they were so bad. They had workfolders accessable by anyone on the domain... The owner wasn't too pleased when I sent him a screenshot of his desktop with all his bank statements on it, and it took them a week to fix what should be a simple permission issue.

So now we use a company I used to work at... I handle 90% of it, and they handle the server / active directory stuff because although I can figure it out... I haven't touched the stuff in 15 years, so I'd spend an hour googling everything.. and as you said, time is money so we can't wait around when we need a fix.

Curious how many people on here got hit with ransomware over the past years?

Google stats say 65% of all companies have had ransomware in the past few years, there's something like 30,000 virus's made per day... And the virus companies can't keep up. It's crazy right now

 

[netsol]

A client had the first episode of ransomware i ever heard of 15 years ago.
He was running a DOS based database, on server 2000. It cost him $500 (those were simpler times) and his data was restored in 36 hours. There sometimes is honor among thieves

Several charities we work for (IT support) have passed ransomware back and forth amongst themselves.
Best money we ever spent was Knowb4, which trains your employees what suspicious items to AVOID.

we found their social workers just clicked on EVERYTHING even if the email said "click here so we can f**k up your computer" they would do it.

When my largest client had their ransomware attack, trend micro didn't catch a brand new variant. Veeam backup repositories got corrupted as well (danger of windows based backup) . We now REPLICATE to a veeam service bureau with the ability to fail over to remote servers, during an attack.

We (they, my client) now have cyber insurance, (getting the insurance was a bigger ordeal than the ransomware)
& i fear a further attack will just mean every vendor is sued by everyone else, causing more chaos than the original attack.

 

[Morten CHristensen]

We run 1 main and 1 backup freenas/truenas with Raid 6 - the backup servere is on a seperate network and it backuped daily to backblaze.
We have been using freenas for years never had an issue. knock on wood. NTFS and software raid for the win

 

[netsol]

I will actually wipe and reload the OS and associated programs on a periodic basis as well. Nice thing is that it's all scripted, so at most that part is 20 minutes in total for install OS, install programs and update the system.

one of the things that is done now, with RDI is, you are given a "virgin" o/s every day

even if you inadventently click something, it is wiped by end of day.

no "laying in wait" for a trigger event & the end of the world...

 

[caribmike]

We had been using one of our computers as a server/work station with cloud backup nightly. This was problematic as when the machine went down or needed to otherwise be replaced we had a 3 day ordeal of moving the files to the new computer.

Last week we installed a NAS with RAID 1 and set up two 1.6T drives mirrored with error recovery for damaged files. The drives are Solid State Drives (SSD) and we also cloud backup the NAS nightly.

The performance of the network has increased greatly and also the ability of our computers to be dedicated workstations. The total cost was about $2000 which included shipping and sales tax. Installation was very easy.

Is anyone else running such a setup? Is there anything we should do better or have I missed anything?

I run two QNAP NAS devices with a total of 16 TB of storage. These work great. I also back up nightly to an off site storage facility which costs only $9.99 a month for unlimited storage. Overall, I feel protected and that my data is safe.

 

[hbb2008]

My company uses one for the last 4 years or so. it has been really great and easy to get data from. Our company is headquartered in Germany so all of the main files are with them. Then each of our locations are networked in and my colleagues in Germany can just drop a file I need (if I don't already have it) in my specific locations folder and it shows up with in an hour ready for me to use. Some folders I have Read and Write permissions and some folders I only have Read permissions.

Before the team in Germany would have to either send large USB sticks by mail with new décor data for me to save locally to the computers hard drive or to send by a transfer site like Teambeam or We Transfer. Then i would spend a lot of time downloading each file and transferring them over the the workstation computer by USB stick.

our NAS system is great for the international aspect. I do not know the set up details but its been working well for us.

Anything extra I need, I have a external l hard drive so that most of the data and files are not stored on the actual computers hard drive.

Also thanks to this thread I now know what NAS stands for. Before I just only knew it by NAS-System.

 

[Northern Design]

Synology

 

[netsol]

I run two QNAP NAS devices with a total of 16 TB of storage. These work great. I also back up nightly to an off site storage facility which costs only $9.99 a month for unlimited storage. Overall, I feel protected and that my data is safe.

the only problem is, mirroring slows you down, since you are writing twice
don't get me wrong, you need some sort of raid, but raid 5 might be a better option
our old ibm system has 48 sas drives, configured for like 3 volume
failure indicator lights, and you pop in a new drive and right click rebuild
it only slows down that particular array

 

[ADVANCED DISPLAY]

We run a QNAP i upgraded recently (i believe 6TB, could be 4 thought not sure) and I ave a 4TBdesktop hard drive i use for sporadic backup. It's super easy with qnap i just plug in the drive and hit the 'one touch usb' button and it's configured to sync my server so i have updated backups when i remember to do it which i try to do monthly. I'm planning to take the old qnap and put it online at my home to use as a cloud backup server, that i will configure to sync nightly off-site. I got hit with ransomware in March and my fault, i used 1234 for a password and i know better, but with a hard backup i wasn't in too much shit for too long. I love it, being able to save files from customers from my phone anywhere i am right to my server at the shop is convenient for everyone. plus I can log in to work on files if i need to when i'm not at my shop. I was sold on QNAP by the IT guys and I don't have any regrets although I would have gone with synology on my own and do wonder how i would have liked their setup but yes, NAS's are great for multi-workstation production shops like mine.

 

[WildWestDesigns]

the only problem is, mirroring slows you down, since you are writing twice

Mirroring, I would be worried about if something gets corrupted on the one drive, it goes on to the next. Or if you delete one file, that action is mirrored onto the other drive. It's not truly a backup in preventing if something happens. Once that bad thing happens, it's mirrored on to the next drive.

 

[binki]

Mirroring, I would be worried about if something gets corrupted on the one drive, it goes on to the next. Or if you delete one file, that action is mirrored onto the other drive. It's not truly a backup in preventing if something happens. Once that bad thing happens, it's mirrored on to the next drive.

With our setup it will fix corrupted files from one drive to the other. We are running a Synology DS420+ with Synology 1.6T SSD's. It is a RAID 1 setup, not mirrored.

We do not, however, have a 'server' unless you want to consider the NAS a server.

 

[WildWestDesigns]

We do not, however, have a 'server' unless you want to consider the NAS a server.

A server is technically a computer that provides resources to other computers (what those resources are is wide open for interpretation). That's really it. Very broad, but any desktop computer can be run as a server (if fact the best budget option out there is just using an old desktop that one has around to serve the files to other computers versus getting something like what we run (see attached, older picture, all of those drives are filled now)).

For instance, for a media server, at the house, we have NUCs as the server, just running Ubuntu Net Installer. I may have a broader interpretation of what is a server though. Probably some don't consider it a server unless it has it's own refrigeration room.

 

[ikarasu]

I'd never trust them. if I had insurance and it cost me nothing... sure!

First time we were hit with lockit. That one wasnt bad... This last one was brutal though. It encrypted system files, so any machine that wasnt left turned on couldn't boot... So even if they were legit going to decrypt them if we paid... theyd have no way to do it. You'd have to put the hard drives in a different PC, run the scan and decrypt...and then you'd need to mess with permissions / etc and its just not feasible. The first one encrypted certain files and left windows alone.

But yes... our sales team is on the older side, and they know nothing about computers. Lots of spam gets through outlook... the first time we got it, we traced it down to our accounts department...she says there was no way its her, she doesnt open sketchy stuff, infact she just got a request to change her password so she did, so shes not sure how they got her password so fast....

We had a training seminar where they came in and explained everything in laymans terms to them... never give out your password, you'll never be asked to change it unless you get a heads up from the IT department well before hand, how to spot fake links, etc. I swear to god, not 2 hours later I get called into one of the sales reps office asking why its asking him to change his password but when he clicks the link it's a 404 page (Google removed the domain). Sometimes you cant fix stupid.... And now we have 2FA enabled on all our E-mails, and our emails are a different password than the user logins.

We're trying to dummy proof it, and schedule quarterly don't open stupid shit seminars for them in hopes it sticks.


on another note! I wasted 4 hours of the "hackers" time last attack It was a tor chat client, fairly certain the guy was russian with how he was talking... I played along that I was going to pay, but of course they only accept bitcoin... which I conveniently didnt know how to do. Bitcoin isnt as easy to get in Canada as it is in USA... I think we have maybe 1-2 atm type machines, and i norder to get it online you need to supply tons of ID and wait for verification. I had him researching how to buy it and explaining it to me... I ended up getting "very frusterated because I wanted to pay but couldnt" and demanded he take a credit card. I was bored while restoring the PC's and overseeing the backup, it was a good way to kill time. I got a little worried pissing him off might put a target on our back... but so far 2 weeks in, nothing.. Hoping it was the windows 2K server that had SQL On it (with no SQL apps running...) That wasnt updated in 10 years in fear of it breaking our legacy software. but time will tell!

A server is technically a computer that provides resources to other computers (what those resources are is wide open for interpretation). That's really it. Very broad, but any desktop computer can be run as a server (if fact the best budget option out there is just using an old desktop that one has around to serve the files to other computers versus getting something like what we run (see attached, older picture, all of those drives are filled now)).

For instance, for a media server, at the house, we have NUCs as the server, just running Ubuntu Net Installer. I may have a broader interpretation of what is a server though. Probably some don't consider it a server unless it has it's own refrigeration room.

Most people don't consider it a server unless it goes in a rack, even though there are desktop case servers as well.

Technically a nas is a file server... So I can't see how some people don't consider it a server unless they are talking in the strictest sense.

I think the non tech-background people who wouldn't all a Nas server, see the word server and think of the movies when they see a server farm of 100 racks and think that's what a server is

My $20 raspberry Pi could be a server though. But in the end who cares, it's all just a term.

Iim just happy to be alive in an age where it's all so accessable. I remember as a kid the only fun I could have was go outside and ride my bike... Now with technology the possibilities are endless.

 

[WildWestDesigns]

Most people don't consider it a server unless it goes in a rack, even though there are desktop case servers as well.

We have a little startech rack, but it's all the Ubiquity stuff and that's really about it.

Technically a nas is a file server... So I can't see how some people don't consider it a server unless they are talking in the strictest sense.

Depending on the NAS, can actually run VMs off of it as well, not just "serving" boring old .fs files and the like.

I think the non tech-background people who wouldn't all a Nas server, see the word server and think of the movies when they see a server farm of 100 racks and think that's what a server is

My $20 raspberry Pi could be a server though. But in the end who cares, it's all just a term.

Iim just happy to be alive in an age where it's all so accessable. I remember as a kid the only fun I could have was go outside and ride my bike... Now with technology the possibilities are endless.

I think these go together. Because the "normies" have an outdated vision of what that term is, they don't really realize what all is possible with smaller form factors (and relatively speaking, cheaper cost as well).

I never was a bike person, the horse barn was where I was (technically still am) alot of the time. Sometimes I do miss those old days, sometimes I don't. I thought at the time, auto-reverse was the biggest thing, now what I can do with the media servers is unbelievable.


I love the Pis. Have one setup with OctoPrint to run, interfaced with Cura. Wonderful way to control the 3D printer. Really is amazing what those little things can do.

 

[ikarasu]

Pis are awesome.

Funnily.enough octoprint was.my.first use of the pi, many years ago when I built a few anets from China. It was the only stable way to get it working!

I've built a pi cade... Ninja turtle one. It was a project to learn how to use the CNC, has every make game / SNES game on it... Sitting in my living room still,.never used anymore...


A hospital we.work with does a.digitsl donor board and their provider was garbage, their boxes would freeze every day, itd lose its signal, everytime we'd go down there half wouldn't work. Well... Guess what the perfect solution in? A pi! When the sales rep saw how much money it'd cost to build the boxes he was skeptical. Next day Amazon and 10 mins of configuring and I had one up and running their files in our boardroom on a 54" tv, and a week later it was still up with no issues... So we demod.it,.and now there's about 20 pis all throughout the hospital...

One pi froze over.the course of a month, so they were ecstatic about them. I just set them up to reboot everyday at 3 am and as far as I'm aware.in the past year they haven't froze at all.

I've.had pi hole for DNS ad filtering, I've had one running as a Nas.. that one was short lived. One was running my home automation until I got a server.

So many possibilities for a pi, I buy one of every generation whether I need it or not just because I know a project will come out that it's perfect for.

 

[netsol]

A server is technically a computer that provides resources to other computers (what those resources are is wide open for interpretation). That's really it. Very broad, but any desktop computer can be run as a server (if fact the best budget option out there is just using an old desktop that one has around to serve the files to other computers versus getting something like what we run (see attached, older picture, all of those drives are filled now)).

For instance, for a media server, at the house, we have NUCs as the server, just running Ubuntu Net Installer. I may have a broader interpretation of what is a server though. Probably some don't consider it a server unless it has it's own refrigeration room.

WWD. In this case, you are exactly wrong, AND I NEVER SAY THAT ABOUT YOU. i would much rather reload any piece of hardware as a windows server, using a server OS as a workstation, assuming we have 5 or more workstations/users.

 

[WildWestDesigns]

i would much rather reload any piece of hardware as a windows server, using a server OS as a workstation, assuming we have 5 or more workstations/users.

Depending on what you are doing with said server, there can be a lot of options out there.

Now, if one is wanting to serve VMs to everyone, no that's going to work with any hardware out there, just like even having a local VM that runs only on a local desktop (which is why I would speculate people have a "bad taste in their mouth" with VMs, tried to get away with too much with too little resources), that's not going to work with just any hardware.

If one is just serving files (which is what I think most people on here care about doing and having backups), can get away with a lot more compared to running VMs all over the place, media streaming and file serving as well.

I don't know if you run Windows Server or if you are just talking about just serving to Windows machines. Because that could also bring about different requirements as well and what hardware is needed. I can get away with a lot less (now it will take more knowledge) using Linux as a server compared to using Windows as a server (actually same goes with the desktop as well, but I am not advocating Linux on the desktop in this thread (just saying that for those that it may concern) although the only Win "machine" that is allowed to touch my networks is an isolated VM just to avoid a cross compile mingw toolchain, but if what is in the Win 11 dev channel makes it to Win 11 Pro proper, that'll probably be my future route).

I've built a pi cade... Ninja turtle one. It was a project to learn how to use the CNC, has every make game / SNES game on it... Sitting in my living room still,.never used anymore...

I was wondering about that ROM folder that I saw.

One was running my home automation until I got a server.

I still have one running home automation here. Have one on the little robot that the kids and I worked on. They really are great little computers.

 

[ADVANCED DISPLAY]

Mirroring, I would be worried about if something gets corrupted on the one drive, it goes on to the next. Or if you delete one file, that action is mirrored onto the other drive. It's not truly a backup in preventing if something happens. Once that bad thing happens, it's mirrored on to the next drive.

Yea the new move for these pieces of shit nerds is to get in, and wait a while to see any backups you may access and infect those as well. That’s why I keep a cloud daily sync and an external update monthly.

If they want to get you they will but we do our best and keep going. Luckily none of my financial company stuff is on my server so, if someday I do have money worth stealing they won’t have any info to try to steal it.