Protect Commvault Disk Libraries from Ransomware

To protect disk libraries from Ramsomware, you can activate Ramsomware Protection on properties of Commvault Media agent

http://documentation.commvault.com/commvault/v11/article?p=features/disk_library/t_enable_ransomware_mediaagent.htm

Another important feature, you can get alert if commvault backed up encrypted ransomware files

http://documentation.commvault.com/commvault/v11/article?p=features/disk_library/r_ransomware_protection.htm


Security Tips for Storage and Backup Admins

1. EMC Networker: Change “remote access” option *@*  on every client” –> http://sysarticles.com/emc-networker-security-exploit-that-remote-access/

2. Veritas Netbackup: Remove No.Restrictions file –> http://sysarticles.com/security-expolit-on-netbackup-no-restrictions/

3. EMC VMAX: Change default password of SMC user in unisphere (take snapshot or backup before changing. If you would get “Failed to authenticate user.” error, there is no way to fix except restore or reinstall. And, If you reinstall unisphere you will loose performance database. There is a trick to not get this error.)

4. EMC VPLEX: Change default passwords of VPLEX. Default passwords of VPLEX is already complex, but anyone can find default passwords of service, admin and root users in the documents.

5. Commvault: Activate Ransomware Protection –> http://documentation.commvault.com/commvault/v11/article?p=features/disk_library/t_enable_ransomware_mediaagent.htm


Security expolit on Netbackup (No.Restrictions)

Sometimes we or some consultants put No.Restrictions file in “INSTALL DIR\netbackup\db\altnames” directory, this option  makes our work easier. But it is a security risk, because of every netbackup client on the your network can restore data from any other clients. So, anybody can restore data of your important servers, then they can lookup and/or copy your important datas. To close this security exploit, you must delete the file No.Restrictions.


EMC Networker security exploit that “Remote access”

If you didn’t care when you installed EMC networker software, some consultants enter an option *@* for every client, this means that every networker client on the your network can restore data from any other clients. So, anybody can restore data of your important servers, then they can lookup and/or copy your important datas.

Read More