Softpanorama

May the source be with you, but remember the KISS principle ;-)
Contents Bulletin Scripting in shell and Perl Network troubleshooting History Humor

Prev | Up | Contents | Down | Next

Softpanorama malware Defense Strategy

Part 2: Backup process

Introduction

The first requirement of backup is that it should be up-to-date. That means that you need to do it quote often. For example weekly for C-partition and daily for your data partition.

Move your data off C-partition to minimize the C: image size

This is an optional step, but it make sense to minimize your C-drive as you probably will restore the system several times during the lifetime of a particular PC. You can create links to Folders in "C:\Documents and Settings\dell\Application Data\" folder. For example Mozilla Thunderbird write emails in folder

"C:\Documents and Settings\dell\Application Data\Thunderbird\"

You can move it to say data drive D and link it with softlink (I use FAR for this purpose, but most file managers provide an option to create a link to the folder)

The key idea here is to make your system image smaller so that creation of the backup image of the partition does not take too long. Let's say 20-30 min for the backup of C-partition to the USB 2.0 drive. 

People often keep way too much staff of C drive and recently with music, photos and videos the situation became really unmanageable. If you move most of your documents and files to the other drive (let's call it D: -- data), then the total amount of space consumed by Windows XP with a typical software set (let's say MS Office, Thunderbird, Firebox) is approximately 30G or even less.

If you use Thunderbird and store all your email on C-drive that this size can be substantially larger. That's why it is recommended to have a second harddrive for your data.

While "separation of user files and system files" is optional, it does provides some advantages. First of all it reduces the chances of loss of your data due to malware infection: the most typical reason for loss of the data on C-drive are some badly Though out and hastily executed actions directed toward removal of infection. It also permits to collect all your valuable data (and your data are definitely more valuable then system image, may be 100 or 1000 times more valuable). If your data are on a separate small partition you can backup them more often (preferably daily).

If you move your data to a separate partition (second partition on primary drive or second hard drive or even USB drive) you will have better control on what is what. If you use laptop having two partitions (C: and D: ) on a single internal drive is more convenient.  So you need to shrink C: partitions (see below).

In any case it is important practice to store your data on a partition different from the system partition and this practice should be strictly adhered to. You can save yourself from a lot of troubles by separating Windows operating system and your data.

Relocating  parts or all your profile from C: to D: drive have several advantages in data recovery situations: 

This is easier to do with Windows 7 then with Windows XP althouth moving My Documents folder is possible under Windows XP too. See how to relocate Documents & Settings

Clean and defragment the C drive

To minimize the amount of data you need to backup from system partition you need to clean the drive from junk. There are several directories to clean. Among them: 

The best way I know to accomplish this task is to run a free utility called CCleaner

CCleaner is a freeware system optimization, privacy and cleaning tool. It removes unused files from your system - allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as your Internet history. Additionally it contains a fully featured registry cleaner. But the best part is that it's fast (normally taking less than a second to run) and contains NO malware or Adware! :)

After that it makes sense to defragment the C partition (unless you are using solid state drive).  It is actually safer to defragment the drive after the backup.

Write the image of C: partition to the second drive

For desktops the easiest solution is to use USB drive or install additional harddrive. For laptops and minis your only option is to use external drive. eSATA drives are faster then USB so if your laptop/desktop supports eSATA it makes sense to buy eSATA enclosure and install the drive in it.

The procedure depends on the tool for creating images that you are using. The are several free and commercial possibilities here (see more information is

We will discuss only Acronis and its free versions 

Acronis True Image is one of the cheapest commercial offerings and is pretty reliable on 32 bit Windows XP. You can find it for approximately $25-$35 delivered electronically. It does not have high rating on Amazon but that is mainly due to complex cases when users expect from the program too much (case of sandwiched drive with multiple OS installed is one typical problematic case). For simple cases like ours this is OK program.

It is one of  the cheapest of commercial offerings and works reasonably well.  It is important to test not only creation of the image but restoring it as well

Create a bootable system disk or partition

Purchase or assemble a drive identical to in size to the one you use in your desktop or laptop (having spare drive is a good idea, as drive failure is the most frustrating experience for PC and especially laptop users) or a small USB drive (64G-120G, not more) and make a full copy or just a bootable copy of your C partition on this drive.

You can just restore the image you created on a previous step on the drive. True Image has special function of cloning of disks (hidden in Tools menu) is very useful and works really well. Please note that it uses a standalone loader (I think it is Linux based, not WinCE based).

 It is very important that this operation is performed on a healthy system. While attempt to save a dying or infected system might succeed, failure in such case is more typical and should not surprise anybody...

Also the image that you use of C partition that you clone should have imaging program installed.

This "definitely healthy" bootable USB drive can later be indispensible for restoring the system partition on your PC or laptop. As it is a fully usable system it relives time pressure from the restoration process. And it is time pressure that is the source of most blunders during the restoration process, the blunders that often cost users their data. 

It does not need make it to up today. You can update this drive one a month or quarter.  Moreover the content of this drive can be completely static but in this case you need periodically check it (at least one a quarter). 

Create a daily schedule for backing up your data partition

If you moved most of your user data to the second partition (D:) you can backup Operating system partition (C:)  one in a week or biweekly. In no case Microsoft backup should be used for your data. This is a defective product. Incremental backups are OK for you data partition but not for the system (C:) partition.

It is wise to write images on a large drive so that at least a dozen generation of images are available for both you C partition and D (data) partition.

The reason is that corruption of files often is detected in period larger then interval between backups (assuming it is one week for C-drive and one day for D drive).  60 days backup storage is standard recommended practice.  1-2TB drive  is usually sufficient to keep several dozen of generations of images.  That provide you the capability to restore from image that is not infected even if you notice the infection in a week or two.

Mirrored drives for backup are important as the value of your data far exceed the value of additional drive required for mirroring. There are several such drives and enclosures the support RAID 1. This is a very good investment:

You can split this drive (1GB of usable space) into two partitions: one for C: images (500 MB) and the second for your data (also 500MB). 

One image of C partition will be around 22GB so 500GB is enough for approximately 20 of them.

Typical data partitions (unless you are an avid photographer) is probably 6GB, but can be as large as 20GB. In case of 6GB you probably never exhaust the space on the second partition. In case of 20GB or more your mileage may vary.

Prev | Up | Contents | Down | Next



Etc

FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of environmental, political, human rights, economic, democracy, scientific, and social justice issues, etc. We believe this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit exclusivly for research and educational purposes.   If you wish to use copyrighted material from this site for purposes of your own that go beyond 'fair use', you must obtain permission from the copyright owner. 

ABUSE: IPs or network segments from which we detect a stream of probes might be blocked for no less then 90 days. Multiple types of probes increase this period.  

Society

Groupthink : Two Party System as Polyarchy : Corruption of Regulators : Bureaucracies : Understanding Micromanagers and Control Freaks : Toxic Managers :   Harvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Neoliberalism  : The Iron Law of Oligarchy : Libertarian Philosophy

Quotes

War and Peace : Skeptical Finance : John Kenneth Galbraith :Talleyrand : Oscar Wilde : Otto Von Bismarck : Keynes : George Carlin : Skeptics : Propaganda  : SE quotes : Language Design and Programming Quotes : Random IT-related quotesSomerset Maugham : Marcus Aurelius : Kurt Vonnegut : Eric Hoffer : Winston Churchill : Napoleon Bonaparte : Ambrose BierceBernard Shaw : Mark Twain Quotes

Bulletin:

Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks The efficient markets hypothesis : Political Skeptic Bulletin, 2013 : Unemployment Bulletin, 2010 :  Vol 23, No.10 (October, 2011) An observation about corporate security departments : Slightly Skeptical Euromaydan Chronicles, June 2014 : Greenspan legacy bulletin, 2008 : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Financial Humor Bulletin, 2010 : Inequality Bulletin, 2009 : Financial Humor Bulletin, 2008 : Copyleft Problems Bulletin, 2004 : Financial Humor Bulletin, 2011 : Energy Bulletin, 2010 : Malware Protection Bulletin, 2010 : Vol 26, No.1 (January, 2013) Object-Oriented Cult : Political Skeptic Bulletin, 2011 : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method  : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law

History:

Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds  : Larry Wall  : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOSProgramming Languages History : PL/1 : Simula 67 : C : History of GCC developmentScripting Languages : Perl history   : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history

Classic books:

The Peter Principle : Parkinson Law : 1984 : The Mythical Man-MonthHow to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Haterís Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite

Most popular humor pages:

Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor

The Last but not Least


Copyright © 1996-2016 by Dr. Nikolai Bezroukov. www.softpanorama.org was created as a service to the UN Sustainable Development Networking Programme (SDNP) in the author free time. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License.

The site uses AdSense so you need to be aware of Google privacy policy. You you do not want to be tracked by Google please disable Javascript for this site. This site is perfectly usable without Javascript.

Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.

FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to advance understanding of computer science, IT technology, economic, scientific, and social issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided by section 107 of the US Copyright Law according to which such material can be distributed without profit exclusively for research and educational purposes.

This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...

You can use PayPal to make a contribution, supporting development of this site and speed up access. In case softpanorama.org is down you can use the at softpanorama.info

Disclaimer:

The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the author present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.

Last modified: May, 08, 2017