My Data Backup Routine

I wanted to offer my personal backup routine to all those that do not have something in place and not sure where or how to start.  I tried many different methods over the years and so far I think this is the best one for me, my amount of data, and my local network configuration.

First off, make note that I have EFS enabled on my Windows machines to help protect the data while on the local disk.  You can backup your data “securely” all you want but if somebody breaks into your home and steals your machines they will have full access to it all (password protected logins or not – trust me).  So enabling EFS will at least protect the data from any attempts at bypassing your Windows login or simply slaving the drive to another machine.

I start out with an external USB drive which consists of nothing but a Truecrypt volume taking up the entire space.  This works the same way as EFS – if somebody does steal this drive they will have no way of getting into your actual data.  Once Truecrypt mounts this drive volume I use SyncToy to copy the selected files and/or folders over to the USB drive and keep this drive in sync.  This is all done over USB so at this point the data has not hit the network yet.  Now I want to make sure I have an off-site copy as well, so for this I use Jungle Disk to sync the USB drive up to my Amazon S3 account.  Aside from the data being stored encrypted on the Amazon S3 drive, Jungle Disk itself encrypts the data locally before sending it out the SSL/TLS connection to Amazon S3.  SyncToy and Jungle Disk are both on offset schedules and this process is completely automatic.

This gives me all the backups I need.  I have one local copy on the LAN for fast recoveries if anything should happen, but I also have one off-site copy stored completely encrypted if something happens to all of my local hardware and I would need to pull down a copy and restore it (last resort – think LAN vs. WAN speeds).

The costs are pretty low compared to some other pre-packaged solutions out there:

• External Drive – Price would vary depending on the size of drive you need
• Jungle Disk – A one-time purchase of $20 for a lifetime license
• SyncToy – Free
• Truecrypt – Free
• Amazon S3 account – I’m currently paying around $3 – $5 per month (this varies with the amount of data you transfer back and forth)

All in all, it’s not a bad solution for only a few dollars per month.  The data is encrypted at every stage where the risk of exposure is high.

Posted in Hardware, Networking, Privacy, Security, Windows | No Comments

Results of Vegan December

As some of you know, I decided to go vegan for the month of December just to try it out and see what all the hype was.  This morning was my final weigh-in for this vegan experiment and I must say the results were really impressive.

First off, those who know me know that I was born and raised a “meat and potatoes” kind of guy and maintained this throughout my entire 36 years.  I kept my weight somewhat under control until I got into the IT field which required me sitting at a desk for 8 hours a day with little to no exercise.  This has been increasingly catching up to me in the last few years and I could feel my clothes getting tighter and tighter.  We bought a Bowflex and an Elliptical Trainer and I started working out as much as possible.  Yes, I dropped a few pounds here and there but I knew my diet was holding me back from seeing the full results.  I love food and this was going to be hard for me to change.  My girlfriend took a nutrition class a couple of years ago so we decided to start changing a few smalls things in our diet (aka “baby steps”).  We started by replacing white bread with whole wheat, whole milk with soy milk, etc.  We started seeing some small results almost immediately but we still kept meat and dairy in our diet because I was very reluctant on totally getting rid of it.  This is all I “knew” to eat and I was afraid my body would start wigging out and going into convulsions (hey, it could happen..).  Finally, late this year I started reading a few health websites, watching a few horrible videos and decided to just go vegan for a while and see what happens.  I had nothing to lose at this point.  It was a major culture shock at first but got easier and easier as we went.  We had some awesome recipes from various sites to carry us through the whole month and I must admit that some of them even rivaled their meaty counterparts.  We ate everything from tacos to burgers to lasagna.  All were extremely tasty and in the end I can safely say that I was not missing meat or dairy at all.  Even now that the month is over I do not see myself going back to eating what I was previously.  Here are the main reasons why:

Noticeable results:

• Lost 11 pounds  (did not even exercise at all during the month so the results were just from the diet change)
• BMI dropped almost 2 full points
• Lost almost 2 inches from my waistline
• Feel healthier
• Look healthier
• Have more energy
• Sleep better at night
• Random asthma-like symptoms vanished

These are just what I noticed and I’m sure there would be many more if I would have done it more scientifically like getting before and after blood work for example.  But these are more than enough to be impressed and start considering a major change in your permanent diet.

Roll your eyes all you want – I know I did for 36 years – but there truly is something to this.

Posted in General BS | 3 Comments

Fox Sports Web Site Compromised

Websense Security Labs ThreatSeeker Network has detected that the Fox Sports site has been compromised and injected with malicious code. Fox Sports is a division of the Fox Broadcasting Company. It specializes in the latest sports news and world sports updates. Fox Sports has an Alexa ranking of 330.

Our research shows that the site has been injected with two pieces of malicious code. One of them is the latest Gumblar campaign, and the other redirects individuals to a malicious Web site, whose link was unreachable at the time of this alert.

The ThreatSeeker Network has detected that thousands of Web sites have been compromised by the latest Gumblar campaign. The Gumblar page is highly obfuscated. After deobfuscation, the page uses PDF and Flash exploits to run malware in order to control a victim’s computer. In addition, a piece of VBScript is executed to download malware.

Source:
http://securitylabs.websense.com/content/Alerts/3516.aspx?cmpid=slalert

Posted in Internet, Security | No Comments

Microsoft confirms IIS hole

Microsoft has confirmed the security hole in its IIS web server, but hasn’t disclosed which versions of the product are affected. According to the finder of the “semi-colon bug”, versions up to and including version 6 are vulnerable. The hole allows attackers, for instance, to camouflage executable ASP files as harmless JPEG files and upload malicious code to a server.

Microsoft’s Security Response Center (MSRC) says it is investigating the vulnerability and has so far not found evidence of any attackers actively exploiting the hole to compromise a server. According to the vendor, the required conditions present an obstacle for successful attacks: Attackers must have authenticated themselves on a server and possess read as well as upload privileges to a directory which, in turn, must allow the execution of code.

Source:
http://www.h-online.com/security/news/item/Microsoft-confirms-IIS-hole-893413.html

Posted in Internet, Security | 1 Comment

W3 Total Cache

I’m trying out a new caching plugin for WordPress called W3 Total Cache and so far I am very impressed.  PC Sympathy is now running it and using Amazon Cloudfront as the CDN.  I see a tremendous improvement over the other caching plugins.  Here’s some bullet points for W3 Total Cache from their website:

Benefits:

• At least 10x improvement in site performance (when fully configured: Grade A in YSlow or great Google Page Speed Improvements)
• “Instant” second page views (browser caching after first page view)
• Reduced page load time: increased visitor time on site (visitors view more pages)
• Optimized progressive render (pages appear to load instantly)
• Improved web server performance (easily sustain high traffic spikes)
• Up to 80% Bandwidth savings via Minify and HTTP compression of HTML, CSS, JavaScript and RSS feeds

Features:

• Compatible with shared hosting, virtual private servers and dedicated servers / clusters
• Transparent content delivery network (CDN) integration with Media Library, theme files and WordPress itself
• Caching of (minified and compressed) pages and posts in memory or on disk
• Caching of (minified and compressed) CSS and JavaScript in memory, on disk or on CDN
• Caching of RSS (comments, page and site) feeds in memory or on disk
• Caching of search results pages (i.e. URIs with query string variables) in memory or on disk
• Caching of database objects in memory
• Minification of posts and pages and RSS feeds
• Minification (combine and remove comments / white space) of inline, embedded or 3rd party JavaScript (with automated updates)
• Minification (combine and remove comments / white space) of inline, embedded or 3rd party CSS (with automated updates)
• Browser caching of CSS, JavaScript and HTML using future expire headers and entity tags (ETag)
• JavaScript grouping by template (home page, post page etc) with embed location management
• Non-blocking JavaScript embedding
• Import post attachments directly into the Media Library (and CDN)

Again, so far so good.  But I would like to give it a full month and then check some server stats.

Posted in General BS | 1 Comment