How To Use TrueNAS ZFS Snapshots For Ransomware Protection & VSS Shadow Copies

⏱️ Timestamps ⏱️
0:00 The Ransomware and Issues with Restoring
3:02 The TrueNAS server setup
4:07 Keeping Separate Root Password
5:05 TrueNAS Dataset Configuration
5:34 TrueNAS Share Configuration For VSS
6:55 How To Setup Snapshots on TrueNAS
10:49 Restoring TrueNAS Volume Shadow Copies in Windows
12:30 TrueNAS cloning Snapshot to new dataset
15:42 Performing TrueNAS full rollback with Snapshot
#TrueNAS #NAS
Comments

Tom I’ve found the most valuable thing you provide in your videos is that you explain the topic in a manner that is far more in depth than a simple tutorial of "click here, type this, click that, ok done."

Your style of explaining how the system/software works along with your recommended best practices is really the best teaching method IMO. It lets us understand the topic and decide how to best implement for our specific needs. Thanks as always!

charlescc

This very thing did happen to me. My 9 yr old son clicked on a pop-up while on the 'net. Welp, it was a ransomware attack, all files locked on local computer + computers connected to LAN + all files on my (then) FreeNAS box. I had my FreeNAS connected as network drives for my weekly backups - all of the backups got locked :(
Steps taken to avoid disaster:
1. Unplugged household from internet
2. Unplugged all computers from LAN
3. Rolled back to the snapshot before ransomware attack on FreeNAS box - All files restored

4. Took a portable hard drive, transferred each computer image to it
5. Completely wiped all local computer hard drives of all data (Bootable Acronis Drive Cleanser - using the DoD standard)
6. One at a time, re-imaged each computer with Acronis images
7. Made sure Cable Modem was unplugged for more than a day (made sure I got new IP address)
8. Plugged all back in LAN and Internet

Took 2 days, but all computers and FreeNAS box were restored without losing much data at all. The whole time, I showed my son the steps taken from #1 to #8 and what was involved and he now knows why he's got to watch what he clicks.

voodooutt

You have to be careful when rolling back because it deletes all intermediate snapshots, so make sure you go back to the latest-good one

magnets

As always, another great tutorial! We and the rest of the #TrueNAS Community thank you!

TrueNAS

This is a really great explanation and overview of snapshots. Thanks very much!
If I might suggest a follow-up: snapshot replication to another Free/TrueNAS server or just S3 storage in general.

Either way, thanks so much for this video. I really enjoy seeing your posts. Always informative!

DrHellbenders

Thank you! I was trying to restore through windows and it has been running almost 24 hours with 20 hours left! You're an awesome resource. <3

NathanBerryNC

That was a great explainer! I set up my snapshots and followed along with your tutorial, and was amazed at how well the zfs snapshot process works - especially with the Windows File Manager's restore. Anyway, keep up the fantastic work you do.

raptorcybersecurity

Whoever disliked your video is one of those guys that run ransomware... :)

aliaghil

Another excellent tutorial, even for non-native English listeners!!! Very clear concepts and diction. Thumbs up from Argentina!!

gpmdp

Funny you bring this up. A few years back an org I'd just turned up for my first day had internet backups to a provider but had a measly download speed, they had just lost their SAN. I'd prefer a local backup offline preferably at a local site within a few miles and a third backup to cloud. I've seen people do cloud backups but the cost of downloading the backups is very costly not to mention time consuming.

davidsomething

I was thinking about this in the past: if snapshots can protect against ransomware encryption, and was not sure about it. So thank you for opening this topic :)

janjurak

Just wondering: in case of a ransomware attack, if a snapshot saves the difference between the original and encrypted files, does that mean the snapshot has to have the same size as the whole dataset? If so, does that mean that you need at least 50% free space on your dataset? What happens if, say, your dataset is 75% full and a ransomware hits? There shouldn't be enough space to store all the fraudulent modifications, right?

TheNefastor

Great stuff, be interested on your opinion of Synology Btrfs snapshots as protection from ransomware. It seems to work in a similar way through DSM.

TheSparkybon

Please make a TrueNAS course. Thank you for the video.

ultraali

I got hit with one of these a few months ago, really stung and didn't have snapshots enabled at the time. Lost some data but chalked it up to experience and have since enabled. One method if you want to browse the snapshots without going into the dataset options and set Snapshot directory to Visible, you should then be able to see it from the root of the dataset under the .zfs folder and this will let you (the user) browse the snapshots via SMB and copy files back over as required.

bobbrown

You know a lot of things, Tom. I find your vids interesting, keep doing it. Support, ciao

andreavergani

I appreciate their ever! thanks for the content!

binho

Help needed: how to create permissions on a dataset called OfficeData, with UserName: Admin, UserGroup: AdminGroup having Full control, whereas another group called OfficeUserGroup (with all users in that group) has ReadOnly permission.

SaviorGuru

Thanks Tom! Long time viewer and subscriber but my first ever comment... In Windows you can use the "previous versions" tab to access a file; however, under Linux do you need to clone the drive and mount it to be able to recover the file or is there something similar to "previous versions" in Linux that I've missed? Thanks again and keep the videos coming!

BallerinaElena

How do I take a snapshot of a Windows Server?

rayyanthamim