Timed network shares

The_Librarian

The_Librarian

Another MyBB
Super Moderator
Joined
Nov 20, 2015
Messages
41,546
Reaction score
21,125
Location
Dark room in Adventure. Grues abound.
Hi Guys

Is there a way of having timed network shares - network shares that only is active between certain hours on certain days.

So that any nasty cryptolocker with network enumeration capabilities will not be able to find your backup server and start encrypting things on it.

Just a small brain burp I've had... not sure if it is possible or feasible...


...but I suppose it may be possible with powershell and scheduled batch files...

Thoughts?
 
Rather look at setting the correct permissions. Users should not have full access, or any access for that matter to backup shares.

Users should have the least amount of access possible.

If you want to though you could script something like starting/stopping shares via powershell. Not ideal though.
 
I'd say scheduled batch file / powershell script would probably be the easiest way to go.
 
push traffic through firewall with time based rules?
 
If crypto can find your backup shares you have bigger problems as no device on your network should ever be able to casually browse your backups.
You backups should ideally be on a dedicated server or NAS and whatever is taking care of your backups should have its own account which is the only account that can see your backups.

Also, the "3 2 1 rule" for backups:

3 backups
2 different media types (ie NAS and tape)
1 offsite copy

Anyway, here's what we are doing to minimize the affect of crypto:

Servers
Shares all have backups run daily and volume shadow copies which are run every 2 hours to minimize damage.
Volumes monitored for known Crypto extensions
Least privileged access on all shares. This is by far the most work but once implemented properly the virus will do very limited damage.

Workstations
Mail filters to drop known carriers (*.vbs, *.xlsxm etc)
Backups on the cheap through Cobian (managed by AD to make deployment and configuration easy, with a bit of tweaking this link works for the latest version)

Most importantly: user education!
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X