After being hit by a crypto/ransomware trojan, I’m looking at all options to make file management and backups easier and automatic. Shadow Copy is mentioned frequently in relation to the crypto locker virus (…in that the virus typically deletes shadow copies…) so I thought I’d look into this Windows feature. I’ve been after a version history, of sorts, for regular file content for a while so this sort of helps.
In Windows 8, Shadow Copy was renamed File History and is switched off by default. To switch it on, you need an external drive or a network location but that’s lame so I sought a workaround to test the waters and get up and running on an internal drive.
This blog post details the steps to set this up, which basically entails creating a virtual drive in Windows Disk Management, initialising it and creating a simple volume, and then pointing File History (via Control Panel) to that VHD.
This is by no means a bulletproof solution and I noticed the crypto virus that attacked my machine also encrypted my virtual machines so this .vhd would not be immune. But it’s about defence in depth, I suppose.
Although I gave the VHD solution a spin, it’s not for everyone and, most importantly, they’re not attached automatically when you reboot (without a startup script, that is). Instead of the VHD approach, I created a new folder to contain my file history, shared it (granting Read and Change share permissions to my Windows account), and then pointed File History the share via \\127.0.0.1\FileHistory [or whatever you name your share].
Update (a few days on): well that didn’t last. File History very quickly consumed all available free space on my internal laptop drive (a second partition). So I’ve turned it off and am using CrashPlan instead (despite the Java dependency—grrrr) as there was no interface to configure how much storage it uses. File History seems to be yet another one of those inane Windows features that is absolutely useless in real life.
No comments:
Post a Comment
Spam comments will be deleted
Note: only a member of this blog may post a comment.