swamiforlife Posted February 17, 2018 Share Posted February 17, 2018 Hey, I want to start and stop the array on a fix schedule. Is there a way to do this in Unraid? I want the server to stay powered on as this reduces complexity of the solution. Basically i have setup a Unraid server as a data backup server. I have nightly backups going to it but other than those few hours i want the array to be turned off. The reason for all this is i want to protect the server (data) from ransomware and other virus attacks. I am open to better ideas. Link to comment
Frank1940 Posted February 17, 2018 Share Posted February 17, 2018 The question you might want to consider asking if 'how do I write a script that will stop the array and a script to start it'. Then having those two scripts ready and tested, setup cron tasks to execute them at the proper times. EDIT: By the way, you do realize that this plan will only protect if you can catch the malware (and isolate it) before the time when you start up the array... Link to comment
swamiforlife Posted February 19, 2018 Author Share Posted February 19, 2018 Can someone please help me with writing scripts to start and stop an array on schedule. I understand the while the backup is going on the server is exposed to the risk of ransomware or viruses but an overnight backup when no users are using the network mitigates most of that risk. Its still better than being exposed for 24 hours compared to 2 hours a day. Link to comment
pwm Posted February 19, 2018 Share Posted February 19, 2018 1 hour ago, swamiforlife said: I understand the while the backup is going on the server is exposed to the risk of ransomware or viruses but an overnight backup when no users are using the network mitigates most of that risk. I don't think this is true unless you turn off all your other computers during the night. If you get a ransomware, then it will lay waiting for new file data to attack even if no user is around when the share goes online. Link to comment
swamiforlife Posted February 19, 2018 Author Share Posted February 19, 2018 Actually, its very rare that ransomware just gets into the network on its own, its mostly when a user actually visits a malicious site or downloads something and then opens it. Also there are only a few select computers that have internet access and we have an enterprise firewall. So for my situation i think its very little risk. Link to comment
Frank1940 Posted February 19, 2018 Share Posted February 19, 2018 IF you search on the Apps tab using 'script' you will find this plugin ---- CA User Scripts ---- Which will run your scripts on a schedule. There is as a support thread which might provide some help writing the scripts that you require. Link to comment
Squid Posted February 19, 2018 Share Posted February 19, 2018 On 2/17/2018 at 11:06 AM, swamiforlife said: I want to start and stop the array on a fix schedule. Is there a way to do this in Unraid? Easiest solution would be to use the S3 Sleep plugin to actually sleep the server during inactivity, and then if your BIOS supports it, power on the server at a certain time. Stopping / starting at a certain time, but leaving it on while not impossible has a complication due to CSRF tokens Link to comment
Frank1940 Posted February 19, 2018 Share Posted February 19, 2018 @squib, What I think he wants to do is just stop and start the array. (Basically, the same as pushing the 'Stop' and 'Start' button on the "Array Operation" section/Tab on the Main Page.) Link to comment
Squid Posted February 19, 2018 Share Posted February 19, 2018 Just now, Frank1940 said: @squib, What I think he wants to do is just stop and start the array. (Basically, the same as pushing the 'Stop' and 'Start' button on the "Array Operation" section/Tab on the Main Page.) Not impossible, but like I said there's some complications due to csrf tokens as AFAIK there is no way to stop or start the array via the command line per se, and what you're actually doing is doing a wget / curl to the webUI to stop / start. Link to comment
Frank1940 Posted February 19, 2018 Share Posted February 19, 2018 13 minutes ago, Squid said: Not impossible, but like I said there's some complications due to csrf tokens as AFAIK there is no way to stop or start the array via the command line per se, and what you're actually doing is doing a wget / curl to the webUI to stop / start. @swamiforlife, You might want to read through this thread. https://lime-technology.com/forums/topic/58374-secure-writing-strategy-for-unraid-server-using-write-once-read-many-mode/#comment-572532 If I understand what you want to do, this could work. You might need a script to copy the appropriate Share directory structure to the cache every night and perhaps to create a new directory for that day's backup but I know those commands already exist in Linux. (P.S. ---- It has been forty years since I last wrote a shell script so I am not the one to advise you on the ins-and-outs...) Link to comment
trurl Posted February 19, 2018 Share Posted February 19, 2018 Here is a completely different solution to ransomware protection in case you weren't aware: https://lime-technology.com/forums/topic/50737-plugin-ransomware-protection/ Link to comment
swamiforlife Posted February 19, 2018 Author Share Posted February 19, 2018 Yes Frank thats exactly what i want to do as far as start and stop goes Link to comment
pwm Posted February 19, 2018 Share Posted February 19, 2018 11 hours ago, swamiforlife said: Actually, its very rare that ransomware just gets into the network on its own, its mostly when a user actually visits a malicious site or downloads something and then opens it. Also there are only a few select computers that have internet access and we have an enterprise firewall. So for my situation i think its very little risk. But the problem isn't when they get in. The problem is that when they have affected a computer they will keep an eye on files to maul even if the user isn't sitting at the desk. So delaying the access to the backup server to night-only doesn't give it much better protection unless the user computers are turned off then. It's better protection to make sure existing files are protected from changes or removals so the ransomware is limited to just encrypting new files fed to the backup server. With reasonable versioning there will then be a bit of time to catch the infestation before older backup data gets recycled. Your script will just open a time window when already infected computers may attack the server - and at a time when no one is there and can notice any additional file operations. Link to comment
Frank1940 Posted February 19, 2018 Share Posted February 19, 2018 @pwm is correct as I understand it. The latest rounds of Malware is smart enough to do two things. First, they only encrypt what are thought to be data folders and leave the OS and programs files alone. Second, in some cases they will prowl the network looking for other computers to which it can inflect with the Malware (Worm type behavior). Thus, you virtually have to isolate every computer on the network to clean up the mess. (In the worst case scenario, an inflected laptop that was taken out of the office could reintroduce the problem when brought back in.) Link to comment
Recommended Posts
Archived
This topic is now archived and is closed to further replies.