Home · Register · Join Upload & Sell

Moderated by: Fred Miranda
Username  

  New fredmiranda.com Mobile Site
  New Feature: SMS Notification alert
  New Feature: Buy & Sell Watchlist
  

FM Forums | Canon Forum | Join Upload & Sell

1       2       3       4      
5
       end
  

Archive 2017 · Make sure you back up your photos etc....

  
 
EB-1
Offline
• • • • • • •
Upload & Sell: Off
p.5 #1 · p.5 #1 · Make sure you back up your photos etc....


markshelby wrote:
My computer backs up data files to an on-site Synology NAS that backs itself up to Amazon Cloud, all in real time. Both backups do not propogate deletions, and the NAS retains old versions of changed files. ... It is accessable via the internet--I can access my files from anywhere (and back up my notebook on the road).

melcat wrote:
An internet-facing NAS has some risks that an air-gapped hard drive backup does not:

- It is an attack surface. You are now reliant on timely security updates from the NAS vendor. Most of these boxes are Linux-based. I don't know anything about Synology but I can certainly think of another NAS vendor I wouldn't trust to provide them.

- It is another point of failure due to bugs. Recent Linuxes support ext3 and ext4 (journalled like Apple and MS file systems) but it isn't that long since this type of equipment was sporting ext2, which, like traditional Unix systems, used to
...Show more

There is no need to have a NAS on the internet. Neither my 110TB nor the 64TB NAS are on the internet. They are on physically separate networks using 10GbE NICs. I can connect them to the internet with a mechanical switch (the air gap).

EBH




Dec 04, 2017 at 11:07 PM
15Bit
Offline
• • • • •
Upload & Sell: Off
p.5 #2 · p.5 #2 · Make sure you back up your photos etc....


Paul Mo wrote:
That's right. It is also part of the reason I have been questioning my desire for a NAS. But NAS seem to dominate the market with DAS being rare indeed - at least locally.

At the moment I am happy with my JBOD clusters (of smaller drives*) backed up to large single drives.

*Simply utilising what I have to hand.


As EB-1 points out, there is no real need to have your NAS internet accessible. Indeed, from a security perspective i would be very wary of connecting any commercial NAS directly to the internet. If you do need to have external access to your files, it is much better to situate the NAS behind a firewall and port-forward only the necessary ports from the firewall to the NAS. Still, in most cases the purpose of a NAS is to serve files to the home / office, not to the world.

But therein lies a question - are you serving files to the home / office, or just to your desktop PC / Mac? If you have no need to access the files from multiple computers, then a DAS is a higher performance option as it is not restricted by an ethernet connection (assuming you haven't got the oodles of cash needed for 10GbE). Even better is to stuff all your drives into the PC.

A NAS is a useful tool, but not necessarily the best one in all cases.



Dec 05, 2017 at 01:43 AM
melcat
Offline
• • • •
Upload & Sell: Off
p.5 #3 · p.5 #3 · Make sure you back up your photos etc....


EB-1 wrote:
Neither my 110TB nor the 64TB NAS are on the internet. They are on physically separate networks using 10GbE NICs. I can connect them to the internet with a mechanical switch (the air gap).


Be careful with this. Even if on separate NICs (Ethernet cards) packets can still be routed to and from the Internet by the computer that the two NICs are installed in. On Mac, I would control this with the "Internet Sharing" tab of System Preferences. I see no point to a mechanical switch.



Dec 05, 2017 at 02:14 AM
15Bit
Offline
• • • • •
Upload & Sell: Off
p.5 #4 · p.5 #4 · Make sure you back up your photos etc....


melcat wrote:
Be careful with this. Even if on separate NICs (Ethernet cards) packets can still be routed to and from the Internet by the computer that the two NICs are installed in. On Mac, I would control this with the "Internet Sharing" tab of System Preferences. I see no point to a mechanical switch.


Packets routed out to the internet are not a problem (in general), it's the unwanted incoming stuff that needs to be filtered. And unless you have some stupid plug and play autoconfiguration turned on at the firewall and NAS, everything should be filtered just fine.

I'm not sure i would use a Mac as a firewall. Better to use a proper dedicated device that uses a lot less power. I have in the past used my Linux server as the home firewall and router, with a long list of iptables rules to strictly control where packets can go. That works very well, and so long as you are careful with the rules it is very secure.



Dec 05, 2017 at 03:03 AM
EB-1
Offline
• • • • • • •
Upload & Sell: Off
p.5 #5 · p.5 #5 · Make sure you back up your photos etc....




melcat wrote:
Be careful with this. Even if on separate NICs (Ethernet cards) packets can still be routed to and from the Internet by the computer that the two NICs are installed in. On Mac, I would control this with the "Internet Sharing" tab of System Preferences. I see no point to a mechanical switch.

I prefer the belt and suspenders approach to prevent mishaps.

EBH



Dec 07, 2017 at 09:24 PM
Paul Mo
Offline
• • • • •
Upload & Sell: Off
p.5 #6 · p.5 #6 · Make sure you back up your photos etc....


15Bit wrote:
A NAS is a useful tool, but not necessarily the best one in all cases.


Which is the same conclusion I have come to. Where they shine is being able to access files from anywhere on the globe - provided they are online and all is well.

If a client calls requesting another image while you are away from home you can find and process and send them the file. That for me is only current practical benefit.

I am not a huge media user - as in I have no desire to stream media around my house to my 4 televisions.




Dec 07, 2017 at 09:41 PM
bootster
Offline
• •
Upload & Sell: Off
p.5 #7 · p.5 #7 · Make sure you back up your photos etc....


OK, so now we have it settled. The Russians intercepted 3 min of network traffic to certain large companies cloud systems, twice yesterday in an interval that spanned 2 hours. The attacks had routed all network traffic from Apple, Google, and others for a total of 6 min. That may not seem like a lot, but the fact is that couldn't be farther from the truth.

It's time to think about doing what I have done, build your own cloud, or just use an external local network, if you want to forgo the convenience of streaming data over the internet at will, in order to protect your data if you are thinking about letting a web based cloud store your precious data. The truthfulness of this article is starting to show up more and more, so I'm going to presume it's true as this information could either be suppressed to keep it from going viral, or just being swept under the rug for security reasons. I am starting to find more articles about this, and I'm going to take it to be true for the time being, as the internet has a way of manipulating data sometimes for less than honest purposes.

The real purpose I went out of my way to even spend the time to post this is to allow fellow photographers to be aware of the true risks of not backing up your data. If I had all my data on a web based cloud service, I would immediately take actions to get it backed up somewhere else.

Now that net neutrality is at risk, we need to think twice about allowing anything to be stored on the web based cloud services without a true to form backup.



Dec 15, 2017 at 08:31 AM
gdanmitchell
Offline
• • • • • • •
Upload & Sell: Off
p.5 #8 · p.5 #8 · Make sure you back up your photos etc....


http://pilerats.com/assets/Uploads/_resampled/SetWidth940-tinfoil-hat.jpg


Dec 15, 2017 at 10:58 AM
1       2       3       4      
5
       end




FM Forums | Canon Forum | Join Upload & Sell

1       2       3       4      
5
       end
    
 

You are not logged in. Login or Register

Username       Or Reset password



This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.