Results 1 to 5 of 5
  1. #1
    New Lounger
    Join Date
    Dec 2009
    Location
    Baltimore, MD
    Posts
    15
    Thanks
    4
    Thanked 0 Times in 0 Posts

    Ransomware Protection - Is my Windows Home Server Vulnerable?

    Are my WHS v1 backups vulnerable to ransomware? If the bad guys get into my machine or my home network, I know that my cloud storage and any connected external HDDs are all vulnerable. But what about my WHS backups? I'm hoping that the fact that a password is required to access the server will block an attacker. Note that I do not use the remote access capability of my server so they won't be able to get in that way. What do you think?

  2. #2
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,175
    Thanks
    47
    Thanked 981 Times in 911 Posts
    Ransomeware installs on the machine as you and runs as you, so you have already provided the password. The (partial) solution is never run with administrator permission and never install any software.
    If you map to drives on the server and your PC is infected, then the server files you have access to will be compromised.
    If WHS backs up your infected machine the files will still be encrypted.

    cheers, Paul

  3. #3
    New Lounger
    Join Date
    Dec 2009
    Location
    Baltimore, MD
    Posts
    15
    Thanks
    4
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Paul T View Post
    Ransomeware installs on the machine as you and runs as you, so you have already provided the password. The (partial) solution is never run with administrator permission and never install any software.
    If you map to drives on the server and your PC is infected, then the server files you have access to will be compromised.
    If WHS backs up your infected machine the files will still be encrypted.

    cheers, Paul
    Thanks Paul. Actually, I have not "already provided the password". To access my backup files on the WHS, I have to first log into the server console, which requires that a password be entered manually. The server is not mapped to a drive. The only thing (I think) a bad guy could do would be to first encrypt my local files and then be smart enough to manually start a backup. Presumably my pristine backup would then be overwritten by the encrypted files. The other thing that could get me is if the bad guy gets into my machine, does his thing and then the backup runs as scheduled on it's own before I can get to it and stop it from running.
    Mike

  4. #4
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,175
    Thanks
    47
    Thanked 981 Times in 911 Posts
    My comments assumed you had logged onto the server and were installing the ransomware, intentionally or otherwise.

    cheers, Paul

  5. The Following User Says Thank You to Paul T For This Useful Post:

    m.mcguirk (2016-04-10)

  6. #5
    WS Lounge VIP Calimanco's Avatar
    Join Date
    Dec 2009
    Location
    UK
    Posts
    718
    Thanks
    1
    Thanked 144 Times in 130 Posts
    The recommended way to protect against any loss of data is to create an external backup, remove it from the PC/network and store it securely. If you are a business, store a copy off site and always create a new backup daily. Keep several days backups in store as a slightly out of date backup is better than no functioning backup at all.

  7. The Following User Says Thank You to Calimanco For This Useful Post:

    m.mcguirk (2016-04-10)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •