<html><head></head><body>I use lvm snapshoting and borg incremental backup of snapshoted storages.<br><br><div class="gmail_quote">On October 12, 2020 2:27:26 PM GMT+02:00, Anthony Frnog <anth.frnog@gmail.com> wrote:<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div dir="ltr">Hi,<div><br></div><div>Thank you for your answer. </div><div>I already made this.</div><div><br></div><div>Anthony</div><div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">Le lun. 12 oct. 2020 à 11:46, Digimer <<a href="mailto:lists@alteeve.ca">lists@alteeve.ca</a>> a écrit :<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On 2020-10-12 5:36 a.m., Anthony Frnog wrote:<br>
> Hi,<br>
> <br>
> To begin, my apologies if I post à the wrong place.<br>
> <br>
> I use DRBD (version 9) on differents servers. My DRDB cluster is a<br>
> shared storage for VM on Proxmox et Vmware Currently, there is a lot of<br>
> ransomware attacks. This is a really problem... So, if my DRBD cluster<br>
> is encrypted, all data will be encrypted and all VMs will be "dead". My<br>
> question is: Is there a DRBD solution able to save all data stored on<br>
> DRDB node in order to restart my production if I have a ransowmare ?<br>
> <br>
> <br>
> Best regards Anthony <br>
<br>
There's no specific anti-ransomware tools in DRBD, but you could set<br>
something up easily enough. You could, for example, take periodic<br>
snapshots of the backing LVM devices (assuming you use LVs to back DRBD<br>
resources). You could keep N-number of snapshots and automatically cycle<br>
them out.<br>
<br>
How often you snapshot, and how many you keep, would depend on your<br>
wants and resources. You probably want to be able to roll back at least<br>
a week though, as it is my experience that some ransomware attacks lay<br>
dormant for a period of time before encrypting (to get into backups).<br>
<br>
In the end, DRBD is fundamentally an availability solution, and not a<br>
backup solution. (Same idea as how "RAID is not backup"). You really<br>
need to be sure that your data is backed up safely and incrementally.<br>
Any snapshot-based approach should be seen as a way to more rapidly<br>
recover to production, and not as a core backup method.<br>
<br>
-- <br>
Digimer<br>
Papers and Projects: <a href="https://alteeve.com/w/" rel="noreferrer" target="_blank">https://alteeve.com/w/</a><br>
"I am, somehow, less interested in the weight and convolutions of<br>
Einstein’s brain than in the near certainty that people of equal talent<br>
have lived and died in cotton fields and sweatshops." - Stephen Jay Gould<br>
</blockquote></div>
</blockquote></div><br>-- <br>Sent from my Android device with K-9 Mail. Please excuse my brevity.</body></html>