TyantA Posted January 7, 2023 Share Posted January 7, 2023 (edited) If it's a website, I'd look for rogue code. If it's Windows I'd just format the system (lol). Unraid? I have no reason to believe mine has been, but I'm still curious - what would one do? I suppose you could start from scratch but would there be an easier way (maintain drive config at least)? Would just copying over fresh Unraid files to flash suffice? Could a compromised VM pose any issues to the rest of the system/network? In theory I'd think not but... Edited January 7, 2023 by TyantA Quote Link to comment
Solution trurl Posted January 7, 2023 Solution Share Posted January 7, 2023 Unraid installs itself into RAM fresh from the archives on flash at each boot, and runs completely in RAM. Think of it as firmware. These flash archives are not modified except on each upgrade. These are the bz* files in the root folder of the flash drive. Your configuration is completely stored in the config folder on flash. You must always have a current backup of your configuration. Everything on your disks is just your data, no Unraid OS files are stored with your data, but Dockers/VMs are stored with your data. Quote Link to comment
TyantA Posted January 7, 2023 Author Share Posted January 7, 2023 That turl. So because it's a bz file, you're saying they can't (at least easily) be changed outside of an update. So the "low hanging fruit" risk is attack surfaces on dockers and VMs and their inherent potential security issues (ex, Windows), but they are in theory completely isolated from the host OS... and there's nothing really there (Unraid level) that would persist beyond a reboot. So if one were truly concerned, you could blow out / restore a VM from a known clean state and be sure dockers are up to date and follow security best practices. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.