Cryptolocker defense

Advertisement

maysky
Joined:
Posts:
2

Cryptolocker defense

Hello.

I made a script to sync local files to the remote server via scp to have a backup in case of some cryptolocker (CL) will encode my files. My files are SQL server backups, so once they created, they will never change. Synchronization starts every 15 mins, so there is not much time to stop the process in case some become crypted.
Cryptolocker software may or may not change the file extension.
So the idea was to sync the files, but delete files older than X days on the destination as the second step.
Part of the script:
# Load WinSCP .NET assembly
Add-Type -Path "C:\Program Files (x86)\WinSCP\WinSCPnet.dll"
# Setup session options
$sessionOptions = New-Object WinSCP.SessionOptions -Property @{
    Protocol = [WinSCP.Protocol]::Sftp
    HostName = $HostName
    UserName = $UserName
    Password = $Password
    SshHostKeyFingerprint = $SshHostKeyFingerprint
}
$session = New-Object WinSCP.Session
try
{
    # Connect
    $session.Timeout = New-TimeSpan -Seconds 120
    $session.Open($sessionOptions)
 
    # Syncronize
    $synchronizationResult = $session.SynchronizeDirectories(
        [WinSCP.SynchronizationMode]::Remote, $localPath, $remotePath, $False)
 
    $files = $session.EnumerateRemoteFiles($remotePath, $wildcard, [WinSCP.EnumerationOptions]::AllDirectories)
 
    # Find old files
    $limit = (Get-Date).AddDays($oldDate)
 
    $oldFiles =
        $files |
        Where-Object { -Not $_.IsDirectory } | 
        Where-Object { $_.LastWriteTime -lt $limit }
 
    # Delete them
    foreach ($oldFileInfo in $oldFiles)
    {
       $session.RemoveFiles($oldFileInfo.FullName).Check()
    }
 
}
finally
{
    # Disconnect, clean up
    $session.Dispose()
}
 
exit 0
In this case, if the file is not fully loaded due to error it is placed as *._filename which is ok. It helps to retry the upload next time. But when the file is fully uploaded I don't want it to be rewritten in case it changed on the source. How can i achieve such behaviour?

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
36,205
Location:
Prague, Czechia

Re: Cryptolocker defense

Sorry, I do not understand what you ask us for.

maysky wrote:

In this case, if the file is not fully loaded due to error it is placed as *._filename which is ok.
I not see anything in your code that would rename the files. Or are you actually asking how to rename files that fail to upload?

Reply with quote

maysky
Joined:
Posts:
2

Sorry. I'll try to keep it simple.
I want to upload files and
1) if the file is not on destination or not fully uploaded, then it should be uploaded
2) if the file is already on destination then it won't be touched even if we have the file with the same name but with other content on the source.
3) no files should be deleted on the destination.

Reply with quote

Advertisement

You can post new topics in this forum