* [pbs-devel] [PATCH proxmox-backup v3 0/1] updated section on ransomware
@ 2022-11-25 12:10 Noel Ullreich
2022-11-25 12:10 ` [pbs-devel] [PATCH proxmox-backup v3 1/1] docs: added " Noel Ullreich
2022-11-28 11:14 ` [pbs-devel] applied: [PATCH proxmox-backup v3 0/1] updated " Thomas Lamprecht
0 siblings, 2 replies; 4+ messages in thread
From: Noel Ullreich @ 2022-11-25 12:10 UTC
To: pbs-devel
added section on ransomware to pbs docs consisting of a section in
backup storage and a bullet point in the main features section.
also fixed a few minor typos in the docs
Noel Ullreich (1):
docs: added section on ransomware
docs/introduction.rst | 15 ++++++---
docs/storage.rst | 78 +++++++++++++++++++++++++++++++++++++++++++
2 files changed, 88 insertions(+), 5 deletions(-)
--
2.30.2
* [pbs-devel] [PATCH proxmox-backup v3 1/1] docs: added section on ransomware
2022-11-25 12:10 [pbs-devel] [PATCH proxmox-backup v3 0/1] updated section on ransomware Noel Ullreich
@ 2022-11-25 12:10 ` Noel Ullreich
2022-11-25 12:40 ` Stefan Sterz
2022-11-28 11:14 ` [pbs-devel] applied: [PATCH proxmox-backup v3 0/1] updated " Thomas Lamprecht
1 sibling, 1 reply; 4+ messages in thread
From: Noel Ullreich @ 2022-11-25 12:10 UTC
To: pbs-devel
Added a section on ransomware. This includes a bulletpoint in the
main features section and a section in the backup storage section.
The latter section lists mitigation resources in pbs as well as best
practices.
Updated capitalization to be consistent in main features. Imo, since
these are bulletpoints and not headings, they should be in lowercase
Signed-off-by: Noel Ullreich <n.ullreich@proxmox.com>
---
changes since v1:
* squashed multiple commits into one
* added link in main features bulletpoint to the ransomware section
* restructured parts of the ransomware section
* fixed technical errors regarding reading checksum
* fixed my gitconfig ;)
changes since v2:
* fixed typos
* rephrased some paragraphs
docs/introduction.rst | 15 ++++++---
docs/storage.rst | 78 +++++++++++++++++++++++++++++++++++++++++++
2 files changed, 88 insertions(+), 5 deletions(-)
diff --git a/docs/introduction.rst b/docs/introduction.rst
index 130536d6..5d5f6297 100644
--- a/docs/introduction.rst
+++ b/docs/introduction.rst
@@ -58,10 +58,10 @@ Main Features
:Incremental backups: Changes between backups are typically low. Reading and
sending only the delta reduces the storage and network impact of backups.
-:Data Integrity: The built-in `SHA-256`_ checksum algorithm ensures accuracy
+:Data integrity: The built-in `SHA-256`_ checksum algorithm ensures accuracy
and consistency in your backups.
-:Remote Sync: It is possible to efficiently synchronize data to remote
+:Remote sync: It is possible to efficiently synchronize data to remote
sites. Only deltas containing new data are transferred.
:Compression: The ultra-fast Zstandard_ compression is able to compress
@@ -76,16 +76,21 @@ Main Features
provides extensive support for backing up to tape and managing tape
libraries.
+:Ransomware protection: :ref:`Protect your critical data from ransomware attacks
+ <ransomware_protection>` with Proxmox Backup Server's fine-grained access
+ control, data integrity verification, and off-site backup through remote sync
+ and tape backup.
+
:Web interface: Manage the Proxmox Backup Server with the integrated, web-based
user interface.
-:Open Source: No secrets. Proxmox Backup Server is free and open-source
+:Open source: No secrets. Proxmox Backup Server is free and open-source
software. The source code is licensed under AGPL, v3.
-:No Limits: Proxmox Backup Server has no artificial limits for backup storage or
+:No limits: Proxmox Backup Server has no artificial limits for backup storage or
backup-clients.
-:Enterprise Support: Proxmox Server Solutions GmbH offers enterprise support in
+:Enterprise support: Proxmox Server Solutions GmbH offers enterprise support in
the form of `Proxmox Backup Server Subscription Plans
<https://www.proxmox.com/en/proxmox-backup-server/pricing>`_. Users at every
subscription level get access to the Proxmox Backup :ref:`Enterprise
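Review bot: the new `:Ransomware protection:` entry overstates what the linked section delivers. The bullet says "Protect your critical data from ransomware attacks", while the section added in docs/storage.rst speaks of features to "mitigate ransomware attacks" and concedes that the server "can still be compromised". Suggest aligning the label and the link text with the section, for example "Ransomware mitigation" and "Mitigate the impact of ransomware attacks", so the feature list does not read as a guarantee. The reference target and the listed mechanisms (access control, integrity verification, off-site copies through remote sync and tape) match the section and can stay as they are.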
diff --git a/docs/storage.rst b/docs/storage.rst
index c4e44c72..0fe367b1 100644
--- a/docs/storage.rst
+++ b/docs/storage.rst
@@ -374,3 +374,81 @@ with a comma, like this:
.. code-block:: console
# proxmox-backup-manager datastore update <storename> --tuning 'sync-level=filesystem,chunk-order=none'
+
+.. _ransomware_protection:
+
+Ransomware Protection
+---------------------
+
+Prevention by Proxmox Backup Server
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+`Ransomware <https://en.wikipedia.org/wiki/Ransomware>`_ is a type of malware
+that encrypts files until a ransom is paid. Proxmox Backup Server includes
+features to mitigate ransomware attacks by offering easy restoration from backups.
+
+As a best practice, you should keep multiple backups, including outside of your
+network and on different media. Proxmox Backup Server provides the tools to do
+both. It is possible to create :ref:`remote sync jobs <backup_remote>`; by
+setting up a remote Proxmox Backup Server you can take advantage of the sync job
+feature and create off-site copies of your backups. This is recommended, since
+offsite instances are less likely to be infected by the ransomware in your local
+network. It is also possible to create :ref:`tape backups <tape_backup>` as a
+second storage medium. This way you get an additional copy of your data which
+can easily be moved off-site.
+
+Proxmox Backup Server does not rewrite data for existing blocks. This means that
+a compromised Proxmox VE host, or any other compromised system using
+the client to back up data, cannot corrupt existing backups.
+
+Furthermore, comprehensive :ref:`user management <user_mgmt>` is offered by
+Proxmox Backup Server. By limiting a sync user's or an access token's right to
+only write backups, not delete them, compromised clients cannot delete
+existing backups. Following this best practice, backup pruning should be done
+by the Proxmox Backup Server using prune jobs.
+
+While your Proxmox Backup Server can still be compromised, if your backup is
+encrypted by ransomware, the SHA-256 checksums of the backups will not match
+the previously recorded ones anymore. Hence, restoring the backup will fail.
+
+To detect ransomware inside a compromised guest, it is recommended to frequently
+test restoring and booting backups. Make sure to restore to a new guest and
+not to overwrite your current guest. In the case of many backed-up guests, it is
+recommended to automate this restore testing or, if this is not possible, to
+restore random samples from the backups.
+
+In order to be able to react quickly in case of a ransomware attack, it
+is recommended to regularly test restoring from your backups. Make sure to
+restore to a new guest and not to overwrite your current guest. Restoring
+many guests at once can be cumbersome, which is why it is advisable to
+automate this task and verify that your automated process works. If this is not
+feasible, it is recommended to restore random samples from your backups. While
+creating backups is is important, verifying that the backups work is equally
+important. This ensures that you are able to react quickly in case of an emergency
+and keeps disruption of your services to a minimum.
+
+
+
+Other Prevention Methods and Best Practices
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+It is recommended to take additional security measures, apart from the ones offered
+by Proxmox Backup Server. These recommendations include, but are not limited to:
+
+* Keeping the firmware and software up-to-date to patch exploits and
+ vulnerabilities (such as
+ `Spectre <https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)>`_ or
+ `Meltdown <https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)>`_).
+* Following safe and secure network practices, for example using logging and
+ monitoring tools and setting up VLANs.
+* Making plenty of backups using the
+ `3-2-1 rule <https://en.wikipedia.org/wiki/Backup#Storage>`_: creating
+ 3 backups on 2 storage media, of which 1 copy is kept off-site.
+* Retention. Since some ransomware might lay dormant a couple of days or weeks
+ before starting to encrypt data, it can be that older, existing backups are
+ compromised. Thus, it is important to keep at least a few backups over longer
+ periods of time.
+
+For more information on how to avoid ransomware attacks and what to do in case
+of a ransomware infection, see Cisa and
+`their guide <https://www.cisa.gov/stopransomware/ransomware-guide>`_.
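Review bot: the paragraph beginning "While your Proxmox Backup Server can still be compromised" only tells the reader that restoring "will fail" once the SHA-256 checksums no longer match, so as written the damage is discovered at the moment the backup is needed. The text should say how an operator finds a mismatch before that point, for instance by recommending that the checksums are verified on a schedule and linking to the documentation section that covers verification, if one exists. The sentence would also be clearer split in two: "While your Proxmox Backup Server can still be compromised" and "if your backup is encrypted by ransomware" are separate conditions, and it is ambiguous whether the second refers to data altered on the server or to data encrypted inside the guest before it was backed up.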
--
2.30.2
* Re: [pbs-devel] [PATCH proxmox-backup v3 1/1] docs: added section on ransomware
2022-11-25 12:10 ` [pbs-devel] [PATCH proxmox-backup v3 1/1] docs: added " Noel Ullreich
@ 2022-11-25 12:40 ` Stefan Sterz
0 siblings, 0 replies; 4+ messages in thread
From: Stefan Sterz @ 2022-11-25 12:40 UTC
To: Proxmox Backup Server development discussion, Noel Ullreich
some smaller notes in-line. other than that consider this:
Reviewed-by: Stefan Hanreich <s.hanreich@proxmox.com>
Reviewed-by: Stefan Sterz <s.sterz@proxmox.com>
On 11/25/22 13:10, Noel Ullreich wrote:
> Added a section on ransomware. This includes a bulletpoint in the
> main features section and a section in the backup storage section.
> The latter section lists mitigation resources in pbs as well as best
> practices.
>
> Updated capitalization to be consistent in main features. Imo, since
> these are bulletpoints and not headings, they should be in lowercase
>
> Signed-off-by: Noel Ullreich <n.ullreich@proxmox.com>
> ---
> changes since v1:
> * squashed multiple commits into one
> * added link in main features bulletpoint to the ransomware section
> * restructured parts of the ransomware section
> * fixed technical errors regarding reading checksum
> * fixed my gitconfig ;)
>
> changes since v2:
> * fixed typos
> * rephrased some paragraphs
>
> docs/introduction.rst | 15 ++++++---
> docs/storage.rst | 78 +++++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 88 insertions(+), 5 deletions(-)
>
> diff --git a/docs/introduction.rst b/docs/introduction.rst
> index 130536d6..5d5f6297 100644
> --- a/docs/introduction.rst
> +++ b/docs/introduction.rst
> @@ -58,10 +58,10 @@ Main Features
> :Incremental backups: Changes between backups are typically low. Reading and
> sending only the delta reduces the storage and network impact of backups.
>
> -:Data Integrity: The built-in `SHA-256`_ checksum algorithm ensures accuracy
> +:Data integrity: The built-in `SHA-256`_ checksum algorithm ensures accuracy
> and consistency in your backups.
>
> -:Remote Sync: It is possible to efficiently synchronize data to remote
> +:Remote sync: It is possible to efficiently synchronize data to remote
> sites. Only deltas containing new data are transferred.
>
> :Compression: The ultra-fast Zstandard_ compression is able to compress
> @@ -76,16 +76,21 @@ Main Features
> provides extensive support for backing up to tape and managing tape
> libraries.
>
> +:Ransomware protection: :ref:`Protect your critical data from ransomware attacks
> + <ransomware_protection>` with Proxmox Backup Server's fine-grained access
> + control, data integrity verification, and off-site backup through remote sync
> + and tape backup.
> +
> :Web interface: Manage the Proxmox Backup Server with the integrated, web-based
> user interface.
>
> -:Open Source: No secrets. Proxmox Backup Server is free and open-source
> +:Open source: No secrets. Proxmox Backup Server is free and open-source
> software. The source code is licensed under AGPL, v3.
>
> -:No Limits: Proxmox Backup Server has no artificial limits for backup storage or
> +:No limits: Proxmox Backup Server has no artificial limits for backup storage or
> backup-clients.
>
> -:Enterprise Support: Proxmox Server Solutions GmbH offers enterprise support in
> +:Enterprise support: Proxmox Server Solutions GmbH offers enterprise support in
> the form of `Proxmox Backup Server Subscription Plans
> <https://www.proxmox.com/en/proxmox-backup-server/pricing>`_. Users at every
> subscription level get access to the Proxmox Backup :ref:`Enterprise
> diff --git a/docs/storage.rst b/docs/storage.rst
> index c4e44c72..0fe367b1 100644
> --- a/docs/storage.rst
> +++ b/docs/storage.rst
> @@ -374,3 +374,81 @@ with a comma, like this:
> .. code-block:: console
>
> # proxmox-backup-manager datastore update <storename> --tuning 'sync-level=filesystem,chunk-order=none'
> +
> +.. _ransomware_protection:
> +
> +Ransomware Protection
> +---------------------
> +
> +Prevention by Proxmox Backup Server
> +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> +
> +`Ransomware <https://en.wikipedia.org/wiki/Ransomware>`_ is a type of malware
> +that encrypts files until a ransom is paid. Proxmox Backup Server includes
> +features to mitigate ransomware attacks by offering easy restoration from backups.
> +
> +As a best practice, you should keep multiple backups, including outside of your
> +network and on different media. Proxmox Backup Server provides the tools to do
> +both. It is possible to create :ref:`remote sync jobs <backup_remote>`; by
> +setting up a remote Proxmox Backup Server you can take advantage of the sync job
> +feature and create off-site copies of your backups. This is recommended, since
sounds a bit redundant/clumsy? Maybe just get rid of "It is possible to
create remote sync jobs" and just start the sentence with "By setting up
a remote Proxmox Backup Server you can..."
> +offsite instances are less likely to be infected by the ransomware in your local
you can remove the "the" here to make this a bit more concise.
> +network. It is also possible to create :ref:`tape backups <tape_backup>` as a
> +second storage medium. This way you get an additional copy of your data which
> +can easily be moved off-site.
> +
> +Proxmox Backup Server does not rewrite data for existing blocks. This means that
> +a compromised Proxmox VE host, or any other compromised system using
> +the client to back up data, cannot corrupt existing backups.
> +
> +Furthermore, comprehensive :ref:`user management <user_mgmt>` is offered by
> +Proxmox Backup Server. By limiting a sync user's or an access token's right to
> +only write backups, not delete them, compromised clients cannot delete
> +existing backups. Following this best practice, backup pruning should be done
> +by the Proxmox Backup Server using prune jobs.
> +
> +While your Proxmox Backup Server can still be compromised, if your backup is
> +encrypted by ransomware, the SHA-256 checksums of the backups will not match
> +the previously recorded ones anymore. Hence, restoring the backup will fail.
> +
> +To detect ransomware inside a compromised guest, it is recommended to frequently
> +test restoring and booting backups. Make sure to restore to a new guest and
> +not to overwrite your current guest. In the case of many backed-up guests, it is
> +recommended to automate this restore testing or, if this is not possible, to
> +restore random samples from the backups.
> +
> +In order to be able to react quickly in case of a ransomware attack, it
> +is recommended to regularly test restoring from your backups. Make sure to
> +restore to a new guest and not to overwrite your current guest. Restoring
> +many guests at once can be cumbersome, which is why it is advisable to
> +automate this task and verify that your automated process works. If this is not
> +feasible, it is recommended to restore random samples from your backups. While
> +creating backups is is important, verifying that the backups work is equally
typo: one "is" too many
> +important. This ensures that you are able to react quickly in case of an emergency
> +and keeps disruption of your services to a minimum.
> +
> +
> +
> +Other Prevention Methods and Best Practices
> +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> +
> +It is recommended to take additional security measures, apart from the ones offered
> +by Proxmox Backup Server. These recommendations include, but are not limited to:
> +
> +* Keeping the firmware and software up-to-date to patch exploits and
> + vulnerabilities (such as
> + `Spectre <https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)>`_ or
> + `Meltdown <https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)>`_).
> +* Following safe and secure network practices, for example using logging and
> + monitoring tools and setting up VLANs.
> +* Making plenty of backups using the
> + `3-2-1 rule <https://en.wikipedia.org/wiki/Backup#Storage>`_: creating
> + 3 backups on 2 storage media, of which 1 copy is kept off-site.
> +* Retention. Since some ransomware might lay dormant a couple of days or weeks
> + before starting to encrypt data, it can be that older, existing backups are
> + compromised. Thus, it is important to keep at least a few backups over longer
> + periods of time.
> +
> +For more information on how to avoid ransomware attacks and what to do in case
> +of a ransomware infection, see Cisa and
pretty sure you need to capitalize CISA here
> +`their guide <https://www.cisa.gov/stopransomware/ransomware-guide>`_.
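Review bot: the two paragraphs starting "To detect ransomware inside a compromised guest" and "In order to be able to react quickly" in the docs/storage.rst hunk give the same advice twice. Both recommend regular restore tests, both contain "Make sure to restore to a new guest and not to overwrite your current guest", and both close with automating the test or restoring random samples. Suggest merging them into one paragraph that names the two goals once (noticing an infected guest, and being able to react quickly) and keeps the "test restoring and booting" wording, since booting the restored guest is what the first goal depends on.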
* [pbs-devel] applied: [PATCH proxmox-backup v3 0/1] updated section on ransomware
2022-11-25 12:10 [pbs-devel] [PATCH proxmox-backup v3 0/1] updated section on ransomware Noel Ullreich
2022-11-25 12:10 ` [pbs-devel] [PATCH proxmox-backup v3 1/1] docs: added " Noel Ullreich
@ 2022-11-28 11:14 ` Thomas Lamprecht
1 sibling, 0 replies; 4+ messages in thread
From: Thomas Lamprecht @ 2022-11-28 11:14 UTC
To: Proxmox Backup Server development discussion, Noel Ullreich
On 25/11/2022 at 13:10, Noel Ullreich wrote:
> added section on ransomware to pbs docs consisting of a section in
> backup storage and a bullet point in the main features section.
>
> also fixed a few minor typos in the docs
>
> Noel Ullreich (1):
> docs: added section on ransomware
>
> docs/introduction.rst | 15 ++++++---
> docs/storage.rst | 78 +++++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 88 insertions(+), 5 deletions(-)
>
applied, with the comments of the Stefans addressed in a follow-up, also
reworked the structure and expanded the section a bit further in another
follow-up (just fyi), thanks!
ps. @Stefans: I'd appreciate if you could keep sending tags like R-b only
for yourself, as otherwise it's a bit too subtle for my taste and could
also seem like a mistake.