From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id E0C0AC37A for ; Mon, 28 Nov 2022 15:34:51 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 9BEEB35459 for ; Mon, 28 Nov 2022 15:34:21 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Mon, 28 Nov 2022 15:34:19 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 333CA44DA8 for ; Mon, 28 Nov 2022 15:34:19 +0100 (CET) From: Stefan Sterz To: pbs-devel@lists.proxmox.com Date: Mon, 28 Nov 2022 15:34:01 +0100 Message-Id: <20221128143401.610254-2-s.sterz@proxmox.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20221128143401.610254-1-s.sterz@proxmox.com> References: <20221128143401.610254-1-s.sterz@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.087 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pbs-devel] [PATCH proxmox-backup 2/2] docs: add paragraph on verification jobs to ransomware section X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Nov 2022 14:34:51 -0000 Signed-off-by: Stefan Sterz --- drop this if inappropriate. i just thought this might answer some questions that a somewhat advanced user may have about verification jobs in this scenario. docs/storage.rst | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/storage.rst b/docs/storage.rst index 5ba419cd..c457ff06 100644 --- a/docs/storage.rst +++ b/docs/storage.rst @@ -475,6 +475,13 @@ While creating backups is important, verifying that they work is equally important. This ensures that you are able to react quickly in case of an emergency and keeps disruption of your services to a minimum. +:ref:`Verification jobs ` can also assist in detecting +a ransomware presence on a Proxmox Backup Server. Since verification jobs +regularly check if all backups still match the checksums on record, they will +start to fail if a ransomware starts to encrypt existing backups. Please be +aware, that an advanced enough ransomware could circumvent this mechanism. +Hence, consider verification jobs only as an additional, but not a sufficient +protection measure. General Prevention Methods and Best Practices ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- 2.30.2