[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Question about mitigating large storage costs in case of ransomware



On Wed, Jul 12, 2017 at 09:36:39AM -0400, Rob Hoelz wrote:
> I just started using tarsnap, and I was wondering if there exists an
> option (or the potential interest in developing an option) to put a cap
> on an archive size.

Not exactly what you're looking for, but it would be easy to add a personal
monitoring script which warns you if you're over a chosen limit:

----
MAXSIZE_GB=2

TARSNAP_TOTAL=$(tarsnap --print-stats --no-humanize-numbers | \
        grep "unique data" | \
        awk '{print $3}' )
TARSNAP_TOTAL_GB=$(( $TARSNAP_TOTAL / 1000000000 ))

if [ $TARSNAP_TOTAL_GB -gt $MAXSIZE_GB ]; then
        echo "WARNING: tarsnap storage exceeds expectations!"
        exit 1
fi
----


This could be wrapped into the "Receiving emails from making backups" tip:
http://www.tarsnap.com/tips.html#receive-mail
so that you get a daily email saying "Backed up successfully" or getting a
warning.

Of course, a skilled attacker could subvert this script, so if you want to be
paranoid you'd make a read-only key and run this command on a separate system.
:)


If this idea seems useful or eye-opening to anybody, I'd be happy to write it
up for http://www.tarsnap.com/tips.html

Cheers,
- Graham