Snapshot tool that stores its backups/snapshots via FTP?

Discussion in 'backup, imaging & disk mgmt' started by TingTang, Dec 8, 2015.

  1. TingTang

    TingTang Registered Member

    Joined:
    Dec 8, 2015
    Posts:
    4
    Long time lurker, first time poster.

    I am setting up a live box to do malware analysis and was wondering if anyone could advise a good backup program that supports labeled point-in-time snapshots. I would also like the programs to store the backups/snapshots on a FTP site in the event that the snapshots/backups become corrupted, encrypted, etc.

    I have looked in Macrium, RollbackRX, and TimeMachine, but cant tell if any of them support FTP storage of the snapshots/backups.

    Does such a beast exist?

    Thanks alot.

    Adm
     
  2. TheRollbackFrog

    TheRollbackFrog Imaging Specialist

    Joined:
    Mar 1, 2011
    Posts:
    4,946
    Location:
    The Pond - USA
    Reflect, via its scripting options (PowerShell, VBScript and even Batch) should be able to do that without issue. You can read their boiler plate stuff concerning your issues HERE.

    Rollback is clearly out and FlashBack (aka Time Machine) does not make its scripting options very public knowledge... but I believe it can be done.
     
  3. TingTang

    TingTang Registered Member

    Joined:
    Dec 8, 2015
    Posts:
    4
    Thanks!

    Why is rollback out? No support for FTP?

    Does Macrium support the names snapshots that allows me to roll back quickly to a point in time? For example, I would want to create a snapshot right before installing something, test software, and then rollback to the clean environemtn.
     
  4. TheRollbackFrog

    TheRollbackFrog Imaging Specialist

    Joined:
    Mar 1, 2011
    Posts:
    4,946
    Location:
    The Pond - USA
    If you're using the MANUAL feature of Macrium, you may easily create a script that basically asks you to select what type of snapshot you'd like to do (INCREMENTAL, DIFFERENTIAL or FULL) and COMMENT it accordingly prior to execution. Although this may produce produce unintelligible FileNames (named with sequence or at random with sequence), they are fully commented under Reflect's restoration interface.

    EDIT: I need to back off some of the claims above... some of the scripting is not as flexible as I originally thought.

    EDIT2: It can definitely be done via slight edits to their automatic BATCH file creation.

    EDIT3: It looks as though it can be done easily under VBScript as well. I'm just not very familiar with PowerShell scripting... sorry.
     
    Last edited: Dec 8, 2015
  5. TheRollbackFrog

    TheRollbackFrog Imaging Specialist

    Joined:
    Mar 1, 2011
    Posts:
    4,946
    Location:
    The Pond - USA
    No support for even getting your hands on the snapshot DATA itself... it's totally hidden on the protected partition(s)
     
  6. TheRollbackFrog

    TheRollbackFrog Imaging Specialist

    Joined:
    Mar 1, 2011
    Posts:
    4,946
    Location:
    The Pond - USA
    There exists an "unsupported" CLI (Command Line Interface) within FlashBack and located in its Program folder. The snapshot/backup options may be found doing the following...

    FlashbackCmd.exe /cmd=backup /?

    An typical example of the above...

    FlashbackCmd.exe /cmd=backup /volume=C /destination=D:\AXTM /description="Backup description"

    These command structures should be able to be used easily in a standard BATCH file along with some FTP directives to copy the result off to your CLOUD.
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    But remember Flashback is still beta and they recommend having something to back it up.
     
  8. TingTang

    TingTang Registered Member

    Joined:
    Dec 8, 2015
    Posts:
    4
    Will RollbackRX creates a hidden partition for its snapshots? If so, this should protect it from being encrypted by malware as the user wont have access to it and therefore the ransomware will not either. I could then theoretically use acronis periodically to create a images of the entire drive, including that hidden partition, to keep the snapshots secure and stored on my ftp server.
     
  9. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    It is not a hidden partition. That data is just stored in empty sectors that the rollback filter driver keeps track of. One question. How critical is your data?
     
  10. TingTang

    TingTang Registered Member

    Joined:
    Dec 8, 2015
    Posts:
    4
    Not critical. Annoying if I had to reinstall, but if I use a tool like rollback with periodic acronis disk imaging, I should be ok.
     
  11. TheRollbackFrog

    TheRollbackFrog Imaging Specialist

    Joined:
    Mar 1, 2011
    Posts:
    4,946
    Location:
    The Pond - USA
    Rollback's DATA is not located in a hidden partition... it's left in place when a new parent reference is created (a snapshot). Windows (or anyone else) has no idea where the bits and pieces are located, only the special Rollback driver and database know where its at.

    You'll definitely need a FULL ALL SECTOR disk image periodically to be able to back up Rollback. And with Rollback, you're as much at risk against itself as you might be against ransomeware. Also, if the protected disk is an SSD, the OS TRIM function is inoperative while Rollback is in control.

    This DOCUMENT on the Rollback Forums would be a good read before you make your final decision.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.