So, although all my fleet carries Seti :D My wifes computer is VERY overworked with other stuff, i.e. website building, graphics packages etc... Over 50 e-mails/day and then the responses... Her HD is very, very busy!!!! very full and not backed up....

Today its in computer 'blue screen heaven' AGAIN!!! Seems to boot into safe mode ok! But is not happy scanning the disk... keep getting the good old - scandisk has re-started 10 times would you like...etc

Locks dead in under a min (if it gets that far) when rebooting windows in normal mode... I've a pretty good idea that we have a virus on our hands again!!! :rolleyes: Its only been a few weeks since a similar problem - Norton dropped a backdoor auoto update virus into quarrantine yesterday - and its been pretty shakey since then!!!!But what can you expect after lots of e-mails from user groups on the net, with several unsolicited mails per day as well. Norton is protecting the machine (updated twice per month - and it all comes through another pc with the ISDN connection/BID firewall/norton-antivirsus. I still can't seem to keep the buggers out!!!

So - history done with - I'm in trouble cos' the pc's broke (its always my fault!!)... I need to protect her data so that a clean format every now and again will clear the nasty things that seem to be drawn to her pc!!!

(What I know about raid is @@**@@) So, if I buy a raid mobo and 2 HD's - will both be affected by the next virus that come along!!!!!

I'm after a backup process that's always on... If raid is not the answer how can I cofigure automatic backups of ALL the important stuff - Mrs FF is not going to sit there at 10pm every night and back up her HD... but its 2 years worth of 20Gigs of art and page sets etc.... which - IF I DON'T DO SOMETHING SOON, IT WILL NOT SURVIVE THE NEXT VIRUS/SYSTEN CRASH! :( The I will know how evil life could be...

Raid - auto backups onto other networked or local drives - with zero virus crossover... someone must be able to get close to the best solution for me.

Cheers...

well it depends what raid system you use...

raid 0 will double the speed of your data access (approximatly)

raid 1 will mirror your data exactly between 2 disks so if you have a hardware fault on one you can recover

raid 0+1 will double the speed and mirror the data but you'd need twice as many disks then...

none of these solutions protect against virus infections.

you could get a backup manager and a tape drive/second hdd and run a selective backup everynight automatically... set the system to only backup data files (the images and html pages) but not the programs (where the viruses like to hide)

if you get a 20Gb tape drive and a whole load of tapes you can use a different tape every night for a week so that even if you miss a virus infection for a few days you can rescue relativly recent data, and then have a seperate weekly/monthly /yearly tape that you archive and keep for longer incase a true disaster happens

for program files, back them all up on to CD as soon as you get them that way you have a safe copy that can't get corrupted, other than that batton down the hatches, update the AV more often (weekly at least, this can be set up automatically) and patch the hell out of windows. most viruses exploit published security loop holes that have had patches available for weeks... it's very rare that a complaetly unpatched vulnerability has a virus

i hope that made sense... i think i was rambling a bit...

dicki

ohhhhhhhhh, i hate double posts!!!!!!!!!!!!!!!!!

not your month with hard disks is it!!!

anyway, what your talking about is RAID-1 (mirroring) what that basically means is that as theRAID controller writes info to 1 disk, it writes it to the other as well. So, if you have a virus, both your disks would be infected.

what i think you need is a little batch file that when run woudl copy all the data from one machine on the network to another. My dos isnt good enough to do it, but at a guess it might be
"xcopy c:*.* x:" where x: would be a mapped drive on another machine.

in order for the backup to run, use the maintenance shecdular in windows to run it once a day/week/month, this wod provide you with a regular backup.

With your antivirus, get it to check at least once a week, or every day during the nite (i think thts where your problems are with viruses, not updating the antivirus often enough)

hope that makes sense
#
toodles :xsofa:

just thinking about it a bit more darren.

you might consider putting chrissys hard disk into 2 partitions.

a system, and a data partition.

if the disk went tits up, just format the system and hopefully the data should be ok after a virus scanner has gone through it.

that woudl also make backing up over the network easier as you could just xcopy the whole drive

toiodles :xsofa:

The way MrP says with the one disk and the two partitions is the way I normally do it. If a virus takes out the system you still have all your data. It takes a little working to get everything back to normal after the reinstall but it's a lot better than rebuilding the whole thing.

Cheers for all the answers... :D I'm going to go with a partition and a sheduled backup C: to D: at 3am of the data files - until I get something more substantial sorted.

I've got the HD back ;) It was really screwing around... got down to 'not detecting a boot-able drive!' - I'd not liked the 15Gig HD since I put the machine together, Mrs FF really knows how to fill a HD and move it all around so, I sheduled a weekly de-frag. I had to cease that - it was running really slow for an ATA66 - several hours... :(

So whilst trying to recover the disk... windows hardly running and the mouse sticking and jumping - the pc powers off and stayed off! Doh! I've replaced the PSU and its all back (one of my crunching fleet has donated the PSU :( ) EVERYTHING is fine and the HD, scanned - NortonAntivirus - and De-fragged all in an evening :D seems the PSU was never up to the task in the first place - HD purrs now! ...and I'm flavour of the month again - until next time :rolleyes:

Now I've just got to kick her off so I can partition the drive, He He!!! :p

Darren,

if you doign defrags that often, look into getting something like voptME

on my 40 gig drive it takes about 20 mins to do a full defrag, against the windows one that takes a few hours.

have you checked for viruses as well, even if it hasnt got one, i would still set it to update at least once a week (on a thursday if its norton or mcafee)

toodles :xsofa:

I use Norton Utilities to defrag...very quick and speedy.

The partitioning wont do much to protect against virus damage. Most copy themselves to all attatched drives they can. Including partitions and network drives.

However, storing data on a seperate partition from windows IS still a good idea for other reasons. Especially doing OS reinstalls. Ive done this for a couple years now, works good.

If you do network backups, be sure NOT to map the drive. Or to do temporary mapping. Viruses will just copy themselves over through the network.

Most viruses come in through emails, so I would make sure your scanning that fully. Dont use MS email client. For further protection, run Real Time virus scanning. Make sure you get virus updates regularly.

My network at work constantly gets hit with viruses. This Klez thing is the worst. Luckily, I've just installed an Email server with Nortons...basically this filters out all the viruses before they can even get to one of our employees machines. Good stuff, if your willing to set up your own email server.

Good luck :)

Originally posted by Player0

If you do network backups, be sure NOT to map the drive. Or to do temporary mapping. Viruses will just copy themselves over through the network.

My network at work constantly gets hit with viruses. This Klez thing is the worst.

Very good advise on the mapped network drive issue. After backing up the network files to my back up, I always remove the mapping.

I was just hammered by the Klez a few weekes ago. It mutated before Norton could keep up with it. But my non mapped Newtwork drive saved the day. I only lost about one weeks worth of stuff on only 2 machines. I was lucky.:)

Your bringing up points that are drifting from the maun topic, but I gaotta ask... :D

1. EEEKKKK! - I don't specifically map drives on any machines - but all drives barring 1 are full sharing capable. Safe or not???

2. My ISDN connection is on an old p200 with a nic to a hub... and my network sprouts from there. The p200 runs nortonantivirus and BlackIce for a firewall, the HD is not shared at all - but it also runs my seti queue and therefore connects to all my network over the nic on an internal IP address. How safe is that???

3. It's running the SetiQueue and BlackIce without trouble - but its tooo slow to crunch DC stuff - so I'm trying to make it earn its living. LOL! Would the p200 work as a mail server for the home network???? or is it not liable to take the pressure, its a:

P200, 128EDORam, win 98SE, connection to 100mbs network...

The mail server idea with norton filtering sounds top dog! - I'm fully Norton 2000, but have just bought the retail Norton 2001 pack so that I can upgrade the parental control of the surfing... I'll start a new thread on the mail server idea if my hardware will support it - but I'll need a hand holding newbie approach... :)

I also await the answer. You're scaring me player. I update NAV 2x weekly and run it whenever an update comes down. Now you got me bothered. I'm starting to wonder if some of the freaky things that happen from time to time might be a virous. I have somewhat of a firewall in my router. Netgear sells a router with a stronger firewall so I might have to go back to using a software firewall too. I just hope a real slow box can handle mail/firewall duties. Don't want to have to buy a new box...... ok it won't be too bad just more overtime.

hmmmmmmmm,

i have to admit, you got me thinking here as well player0.

i was under th impression, that as long as you didnt have the follwing folders shared, you were ok

windows
program files
recycle bin
c:

any other folder i though was fair game though.

as for darrens questions

1. when you say full sharing capabl, do you mean the whole C: drive is shared, if it is, then definatly NOT safe

2. pretty safe

3. If your running norton on each PC it has its own email protection in it. what happens is when you install notron, its cteats its own mail server. when mail is downloaded, norton gets it first, checks it for viruses, and them passes it on to your mail client. you could get your "server" todo that, but i dont know any free or shareware mail server that allows that. i do know some paid for mail software that does it though.

persoally, i would get norton 2001/2 and install it on any machines thats used (dont bother if its running seti) andmake sure that the mail protection is runing, and that its auto updatiing every thursday (norton release updates on a wed i think)

hope that makessome sense

toodles :xsofa:

The main problem I am finding is that, norton opens up the mail dump.... and some of the attachments are infected and only picked up by Norton when mrs FF clicks on the mail in her inbox (I'll re-check the setup) - I admit it gets it before the mail is opened fully... but the level of traffic she deals with would put a medium buisness to shame and the virus problem seems at an all time hi at the min :(...

ALL my C drives are FULL SHARE (but not mapped) so from my network neighborhood I can see all the machines and each C drive under them, I thought they where safe behind the server, each one had PCAnywhere running with no password which I altered about 6 months ago after I was hit by lots of pings... I passworded the lot after that! Now its all on VNC with passwords instead :D...

Its easy to get paranoid - but my fleet is a home grown afair that has cost me a few ££ so I want the best protection that I can afford. This weekend it all goes to 'C:Not shared' and Norton 2001 with once a day checking for virus updates on the busy machines.... Still interested to know about players E-mail server... :D

Daren,

first port of call

take the share off the C Drive.

you dont need anything shared on the seti machines. Only thing you might wanna share is the seti folder its self.

As for norton, it should scan the emails on download, i know norton 2002 does.

toodles :xsofa:

Yeesh...I hope I can answer everyone.

USSF#1: Most viruses are only smart enough to go after mapped network drives. So those are the most vulnerable (as I found out one lovely fall day a year ago when all of the JPEG images on our file server got wiped). It is certainly possible for viruses to exist/comeout that are smart enough to navigate the network without the mapped functionality.

Especially vulnerable would be Win9X shares, or any shares without username/password restrictions. So by bypassing the password functionality, by not using it, leaves you vulnerable.

At work, as I said we have about 40 client PCs which connect to a main file server. It has a clustering backup server and runs active directory but I wont get in to that. All the client machines log in via the domain controller, and have instant mapped drives on the file server. Unfortunately, we have to do this here at work, since most of the people arent computer savvy enough to handle mapping a drives. So instead, we have to run Nortons 2002 full protection mode on the file server. In fact, i just had to upgrade it to handle the load. It scans every file opened, copied, etc on the file server for viruses real time. It has survived many a virus attack so far with that protection, so it seems to be working good. We have 4 levels of backup anyway, just in case. We get a major virus outbreak every 3 months in the office, and YES! this is with running Norton Antivirus client on all pcs. But some, like Klez, slip through, or our people open attatchemetns, etc.

Full protection will certainly slow your butt down and without a dedicated $3000 file server, I dont recommend it :)

USSF#2 - BlackIce is just routing packets. Running Antivirus on that PC wont do anything to stop infected trojans/emails etc from getting on your PC. It will however stop many (but not all) hacking attacks in to your network. But hacking and viruses are very different things and must be dealt with on seperate playing fields.

USSF#3 - Mail Servers. This is a big topic. There are actually two things you can do. A full fledged email server. Or a email relay server. On both, you can run AntiVirus programs that will prefilter all emails, the most common ways for viruses to get in. You wont ever see another Klez/Sircam/LoveBug infected mail again.

Will a P200 run it? Yeah...barely. Maybe running Win98 Lite with nothing else going on, and depending on other things like RAM type and L2. You can probably get an old PII/III system for $40-$50 somwhere which would run it no problem. Depends on your email load, but its gotta virus scan each email coming in (or going out if you so choose).

Our old email server here is a Celeron 333 machine running FreeBSD, but now we have the new A7V333 based XP2100 box with 10K U160 drive and 512m ECC ram. Which will handle about 100 accounts and probably 20,000 emails per day (60% viruses).

Software...we run Microsoft Advanced Server 2000, Exchange Server 2000 and Norton AV Corporate with the Exchange plugin. Whats that...$10,000 or so? Now, you can get all of these for much much much cheaper if you know where to look, but how you get this is up to you. There are probably other free email servers about, and other virus scanner programs which may work with email server. Not sure.

As for email server versus email relaying well. An email server is just that. You supply a domain like liquidninjas.com, and you can create whatever email addresses you want. You HAVE to have a domain, a DNS server (many domain registrars will let you use theirs for a small fee) and of course the email server box. Your connection and email server also need to be on all the time to receive emails (although through the magic of email bouncing, if your machine is down for a little bit, most times emails will come back again later so you done loose anything).

An email relay is slightly different and harder to setup. Basically, all your email is forwarded to this relay box. Your still using your other email servers, but they are being filtered through you. This wont work for all kinds of email accounts, and is hard to set up.

Setting up any email server is probably an 8 on the richter scale, so be prepared for some sleepless nights figguring things out ;)

Farabomb, youll know when you get a virus ;) If your scanners decent, it will find it (or in the case of Klez, die trying). You are talking about hardware firewalls when you mention the Netgear...which are really just glorified NATs. I doubt one is any better than the other, apart from web interface. Some new ones block DoS attacks, but you can set this functionality up on any of the older ones. (but they dont tell you that). So, they are all the same.

MrP, well not sharing those folders ever is a good idea. Although you probably have things in other folders you dont want to loose. Lets face it, you can reinstall windows, but that porn collection took years, and you dont want some silly virus wiping it out ;) Besides, once a virus gets in to any folder on the machine, the machine is pretty much the viruses, if its run. If you have a file server, dont run any files from it :)

3.) Mail protection on client machines only catches about 80% of viruses. And I dont know why honestly. It should be just as good as Nav corporate...but its not. Maybe cause you cant adjust the strength of the scan. Not sure. Weve run that for years here, and still get hit by viruses. In fact, my own PC has gotten them. I use outlook cause im dumb like that, and Nortons 2002 with Mail scan. Klez got through, and I dont open any attatcments without prescanning. I get virus updates 2x per day.

I'll throw in a few points here.

You definitely do not want to share entire drives. Sounds like you are going to make this change Darren. Sharing folders is the way to go.

If you use Norton's 2002/1, and run it on default you will keep four critical features enabled.

First, every time norton boots it checks for new virus definitions, or if left running will check for updates about every 24 hours. You have a choice to have the updates installed automatically, or just inform you there is an update. Either way, auto update should be left on so you at least know when new virus definitions are available. Viruses mutate very fast, and I've seen norton update itself daily (like during the last round of the Klez virus). Without current virus definitions, nortons is practically useless.

Second, you will have inbound and outbound email protection enabled. As MrP has said, it sort of set's up a "mail server" on the PC in which all email must pass. Not as good as a real mail server, but it works good and should be left always enabled. BTW, NEVER leave the preview window of Outlook or Outlook Express open. This automatically opens the mail and releases any viruses before Norton can indentify the threat. Norton will identify the virus sometimes, but it is always too late at that point.

Third, Auto Protect should always be enabled and running in the background. It can catch a lot of nasty stuff while on the web, downloading, opening shared files, etc.

Last, Script Blocking will be enabled by default and is important for anyone who cruises the net. Malicious scripts can really cause a great deal of damage.

I run Norton on every rig in the LAN and have them set to auto update. Rather safe than sorry here. And , in fact, this saved me when I was hit by a Klez mutation. The mutation had infected my main rig and had infected another rig too via simple file sharing. However, because it takes time for the virus to attack the rest of the network, and Norton's virus definitions were being updated quickly, the rig which was infected by the file sharing caught the mutated virus. My main rig did not detect the mutated virus because Norton had not updated the definitions for the mutation yet, and the virus disabled Norton all together once it got past the first time. However, when the second infected rig ran it's auto update and scan, it found the mutated Klez and erradicated it.

Just a some food for thought. :)