Re: [NTSysADM] Re: scheduling iSCSI connections

2017-08-14 Thread Andrew S. Baker
It really seems like an effort to solve the wrong problem.

Why not just ensure that end-users don't have direct access to the device
which is handling backups, or to the back-end storage location of the
backups?

It's not like malware cannot lurk and wait for access...

Regards,

 *ASB*
 *http://XeeMe.com/AndrewBaker <http://xeeme.com/AndrewBaker>*

 *Providing Expert Technology Consulting Services for the SMB market…*

* GPG: *860D 40A1 4DA5 3AE1 B052 8F9F 07A1 F9D6 A549 8842



On Sun, Aug 13, 2017 at 5:30 PM, J- P <jnat...@hotmail.com> wrote:

> While its possible , it is less likely as most infections are due to users
> clicking on or opening something , which will not occur off hours.
>
> And in reality the window would be shorter since  it uses CBT,  so on
> average the backups are about 10 minutes for most servers, with the
> exception of Exchange it usually takes about 45 min.
>
>
> I could theoretically install a new server (off domain) and run the backup
> software on that server which would solve the problem- lets see if I can
> sell them that idea.
>
>
> thanks
>
>
>
>
>
>
> --
> *From:* listsad...@lists.myitforum.com <listsad...@lists.myitforum.com>
> on behalf of Brian Desmond <br...@briandesmond.com>
> *Sent:* Sunday, August 13, 2017 12:06 PM
>
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* [NTSysADM] RE: scheduling iSCSI connections
>
>
> So what happens if your ransomware scenario occurs while the backup is
> running? That invalidates all your backups at that point as well.
>
>
>
> Perhaps I’m thinking of something else but all the backup toolsets I’ve
> worked with all push the data over the network to a central system that
> interacts with the backend storage/media.
>
>
>
> Thanks,
>
> Brian
>
>
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] *On Behalf Of *J- P
> *Sent:* Saturday, August 12, 2017 10:39 PM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* [NTSysADM] Re: scheduling iSCSI connections
>
>
>
> not sure I follow, the backup runs to a "local disk  iscsi target" then
> replicates offsite- - but I'm  assuming (God forbid) ransomware hits the
> host then it would also encrypt  the  "local iscsi disk" -
>
>
>
> tia
>
>
>
>
> ------
>
> *From:* listsad...@lists.myitforum.com <listsad...@lists.myitforum.com>
> on behalf of Brian Desmond <br...@briandesmond.com>
> *Sent:* Saturday, August 12, 2017 5:51 PM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* [NTSysADM] RE: scheduling iSCSI connections
>
>
>
> Wouldn’t your backup tool be responsible for doing this? This seems very
> likely to fail in some way, shape, or form at some point.
>
>
>
> Thanks,
> Brian
>
>
>
>
>
> Thanks,
>
> Brian Desmond
>
>
>
> w – 312.625.1438 <(312)%20625-1438> | c – 312.731.3132 <(312)%20731-3132>
>
>
>
> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com <listsad...@lists.myitforum.com>] *On Behalf Of *J- P
> *Sent:* Friday, August 11, 2017 12:59 PM
> *To:* NT <ntsysadm@lists.myitforum.com>
> *Subject:* [NTSysADM] scheduling iSCSI connections
>
>
>
> Is it possible to schedule iSCSI connections  (connect at 11pm, disconnect
> 6 am)
>
>
>
> We currently backup our hyper-v guests to our NAS which is presented to
> the host via iSCSI,
>
>
>
> The goal is  to achieve the equivalent  of ejecting a tape after backup is
> complete, in case of a ransomware infection.
>
>
>
> We do also have it offsite, however, I'd much rather restore 6tb locally
> than over the wire.
>
>
>
> Any thoughts feedback are greatly appreciated
>
>
>
>
>
>
>



[NTSysADM] Re: scheduling iSCSI connections

2017-08-13 Thread J- P
While its possible , it is less likely as most infections are due to users 
clicking on or opening something , which will not occur off hours.

And in reality the window would be shorter since  it uses CBT,  so on average 
the backups are about 10 minutes for most servers, with the exception of 
Exchange it usually takes about 45 min.


I could theoretically install a new server (off domain) and run the backup 
software on that server which would solve the problem- lets see if I can sell 
them that idea.


thanks






From: listsad...@lists.myitforum.com <listsad...@lists.myitforum.com> on behalf 
of Brian Desmond <br...@briandesmond.com>
Sent: Sunday, August 13, 2017 12:06 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: scheduling iSCSI connections


So what happens if your ransomware scenario occurs while the backup is running? 
That invalidates all your backups at that point as well.



Perhaps I’m thinking of something else but all the backup toolsets I’ve worked 
with all push the data over the network to a central system that interacts with 
the backend storage/media.



Thanks,

Brian





From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of J- P
Sent: Saturday, August 12, 2017 10:39 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Re: scheduling iSCSI connections



not sure I follow, the backup runs to a "local disk  iscsi target" then 
replicates offsite- - but I'm  assuming (God forbid) ransomware hits the host 
then it would also encrypt  the  "local iscsi disk" -



tia







From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
<listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>> on 
behalf of Brian Desmond <br...@briandesmond.com<mailto:br...@briandesmond.com>>
Sent: Saturday, August 12, 2017 5:51 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: scheduling iSCSI connections



Wouldn’t your backup tool be responsible for doing this? This seems very likely 
to fail in some way, shape, or form at some point.



Thanks,
Brian





Thanks,

Brian Desmond



w – 312.625.1438 | c – 312.731.3132



From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of J- P
Sent: Friday, August 11, 2017 12:59 PM
To: NT <ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>>
Subject: [NTSysADM] scheduling iSCSI connections



Is it possible to schedule iSCSI connections  (connect at 11pm, disconnect 6 am)



We currently backup our hyper-v guests to our NAS which is presented to the 
host via iSCSI,



The goal is  to achieve the equivalent  of ejecting a tape after backup is 
complete, in case of a ransomware infection.



We do also have it offsite, however, I'd much rather restore 6tb locally than 
over the wire.



Any thoughts feedback are greatly appreciated









[NTSysADM] RE: scheduling iSCSI connections

2017-08-13 Thread Brian Desmond
So what happens if your ransomware scenario occurs while the backup is running? 
That invalidates all your backups at that point as well.

Perhaps I'm thinking of something else but all the backup toolsets I've worked 
with all push the data over the network to a central system that interacts with 
the backend storage/media.

Thanks,
Brian


From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of J- P
Sent: Saturday, August 12, 2017 10:39 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Re: scheduling iSCSI connections


not sure I follow, the backup runs to a "local disk  iscsi target" then 
replicates offsite- - but I'm  assuming (God forbid) ransomware hits the host 
then it would also encrypt  the  "local iscsi disk" -



tia




From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
<listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>> on 
behalf of Brian Desmond <br...@briandesmond.com<mailto:br...@briandesmond.com>>
Sent: Saturday, August 12, 2017 5:51 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: scheduling iSCSI connections


Wouldn't your backup tool be responsible for doing this? This seems very likely 
to fail in some way, shape, or form at some point.



Thanks,
Brian





Thanks,

Brian Desmond



w - 312.625.1438 | c - 312.731.3132



From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of J- P
Sent: Friday, August 11, 2017 12:59 PM
To: NT <ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>>
Subject: [NTSysADM] scheduling iSCSI connections



Is it possible to schedule iSCSI connections  (connect at 11pm, disconnect 6 am)



We currently backup our hyper-v guests to our NAS which is presented to the 
host via iSCSI,



The goal is  to achieve the equivalent  of ejecting a tape after backup is 
complete, in case of a ransomware infection.



We do also have it offsite, however, I'd much rather restore 6tb locally than 
over the wire.



Any thoughts feedback are greatly appreciated









[NTSysADM] Re: scheduling iSCSI connections

2017-08-12 Thread J- P
not sure I follow, the backup runs to a "local disk  iscsi target" then 
replicates offsite- - but I'm  assuming (God forbid) ransomware hits the host 
then it would also encrypt  the  "local iscsi disk" -


tia




From: listsad...@lists.myitforum.com <listsad...@lists.myitforum.com> on behalf 
of Brian Desmond <br...@briandesmond.com>
Sent: Saturday, August 12, 2017 5:51 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: scheduling iSCSI connections


Wouldn’t your backup tool be responsible for doing this? This seems very likely 
to fail in some way, shape, or form at some point.



Thanks,
Brian





Thanks,

Brian Desmond



w – 312.625.1438 | c – 312.731.3132



From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of J- P
Sent: Friday, August 11, 2017 12:59 PM
To: NT <ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] scheduling iSCSI connections



Is it possible to schedule iSCSI connections  (connect at 11pm, disconnect 6 am)



We currently backup our hyper-v guests to our NAS which is presented to the 
host via iSCSI,



The goal is  to achieve the equivalent  of ejecting a tape after backup is 
complete, in case of a ransomware infection.



We do also have it offsite, however, I'd much rather restore 6tb locally than 
over the wire.



Any thoughts feedback are greatly appreciated









[NTSysADM] RE: scheduling iSCSI connections

2017-08-12 Thread Brian Desmond
Wouldn't your backup tool be responsible for doing this? This seems very likely 
to fail in some way, shape, or form at some point.

Thanks,
Brian


Thanks,
Brian Desmond

w - 312.625.1438 | c - 312.731.3132

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of J- P
Sent: Friday, August 11, 2017 12:59 PM
To: NT 
Subject: [NTSysADM] scheduling iSCSI connections


Is it possible to schedule iSCSI connections  (connect at 11pm, disconnect 6 am)



We currently backup our hyper-v guests to our NAS which is presented to the 
host via iSCSI,



The goal is  to achieve the equivalent  of ejecting a tape after backup is 
complete, in case of a ransomware infection.



We do also have it offsite, however, I'd much rather restore 6tb locally than 
over the wire.



Any thoughts feedback are greatly appreciated









[NTSysADM] Re: scheduling iSCSI connections

2017-08-11 Thread J- P
yup, 2012r2


will try that

thanks



Jean-Paul Natola




From: listsad...@lists.myitforum.com <listsad...@lists.myitforum.com> on behalf 
of Damien Solodow <damien.solo...@harrison.edu>
Sent: Friday, August 11, 2017 2:18 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: scheduling iSCSI connections


Most likely; depends on the OS of the host. I’d guess that 
‘Disconnect-IScsiTarget’ and it’s Connect- counterpart would do the trick.

Running a pair of PowerShell scripts as scheduled tasks is pretty easy.



DAMIEN SOLODOW

IT Engineering Lead

317.447.6033 (office)

HARRISON COLLEGE



From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of J- P
Sent: Friday, August 11, 2017 1:59 PM
To: NT <ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] scheduling iSCSI connections



Is it possible to schedule iSCSI connections  (connect at 11pm, disconnect 6 am)



We currently backup our hyper-v guests to our NAS which is presented to the 
host via iSCSI,



The goal is  to achieve the equivalent  of ejecting a tape after backup is 
complete, in case of a ransomware infection.



We do also have it offsite, however, I'd much rather restore 6tb locally than 
over the wire.



Any thoughts feedback are greatly appreciated









[NTSysADM] RE: scheduling iSCSI connections

2017-08-11 Thread Damien Solodow
Most likely; depends on the OS of the host. I'd guess that 
'Disconnect-IScsiTarget' and it's Connect- counterpart would do the trick.
Running a pair of PowerShell scripts as scheduled tasks is pretty easy.

DAMIEN SOLODOW
IT Engineering Lead
317.447.6033 (office)
HARRISON COLLEGE

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of J- P
Sent: Friday, August 11, 2017 1:59 PM
To: NT 
Subject: [NTSysADM] scheduling iSCSI connections


Is it possible to schedule iSCSI connections  (connect at 11pm, disconnect 6 am)



We currently backup our hyper-v guests to our NAS which is presented to the 
host via iSCSI,



The goal is  to achieve the equivalent  of ejecting a tape after backup is 
complete, in case of a ransomware infection.



We do also have it offsite, however, I'd much rather restore 6tb locally than 
over the wire.



Any thoughts feedback are greatly appreciated