Backup thoughts

Backup your stuff.  Period.  No exceptions.  Viruses, power surges, HD failures, etc will never go away.  Evar.  Entropy is just one of those things.

For simplest form of backup, copy My Documents, Favorites and Desktop to an external HD (cheap on Newegg, TigerDirect, etc), thumb drive or SD card.  Keep one off-site, one in a safety deposit box or a buddy’s place.  Swap every few months.  Every year or so, buy a new one.  Retire the old one to your safety deposit box or whatever clearly labeled with the year in question.

I’m partial to 32 gig micro SD cards for critical data, which are the size of your pinky nail.  Very easy to hide.

Next simplest is “cloud” backups.  (cloud.  ugh.)  For home users, I highly recommend BackBlaze.  $4-5 a month for unlimited (and they bloody well mean unlimited) storage.  There are others, any of them are good enough.  Mozy is another.

Geeks, read this:
If you’re not drooling, you’re not a geek.

If you’re a slightly more geeky person, you can use the S3.  I use it for my servers, as s3sync is very handy.

Here’s my script for my CentOS servers:

It’s a very stripped down version.  I’m obviously not publishing the locations of anything that’s not standardized stuff.  I do daily light backups of log files, configuration files, SQL databases, etc.   Weekly backups for my HTML files, graphics, MP3s, videos.  Now, in the posted code, I left it using ECB.  Why, I friggin forget, but it should be cipher-block chaining.  Don’t use ECB in multiple block encryption.  Evar.  CBC is fine for most stuff, but you could adjust for whatever you’re doing.

Prune it down every month or two and you’re looking at 12 cents a month or so.  Most I ever reached was a dollar, because I forgot to prune for a few months.  I added an appointment every two months.  I keep monthly and yearly heavy uploads.

For a paranoid non-geek home user, use TrueCrypt and just backup the TrueCrypt container.  The program and documentation are friendly to non-geeks.

Read More

Stock anti-virus advice

My stock solution is to disconnect from network/internet, remove the crapware “anti-malware” software, blacklight to check for rootkits, Microsoft safety scanner, some of the AV quick scanners, install Kaspersky AV, reconnect to the network/internet and patch the machine.

Ideally, if a user is backing up their data, just format the machine, re-install with an unattended install disk (nLite for the win), install KAV, connect to internet, patch.  Microsoft killed off any offline patching utilities.  But if you’re clever, you can isolate a port on a switch to only connect with your WSUS server.

You should not be using multiple AV/AM (anti-virus, anti-malware) products under normal circumstances.  Pick a good AV and use it solely under normal circumstances.  Trend, F-Secure, KAV are top tier.  McAfee, Bitdefender, Norton, Clam, Microsoft Security Essentials are second tier.  NOD32, AVG, et al are third tier.

Patch your OS and software regularly.  Backup your info regularly.  This is as important or more important than your AV/AM solution.

Read More