Best way to block a drive from the internet?

I have 2 backup drives, one internal and one plug-in. I don't see why either one would need access to the internet. I'm using the Windows 7 x64 firewall along with Webroot SecureAnywhere. Can they block the drives from the internet? Can another firewall like Online Armor do that? Or is there a better way than using a firewall?

 

check your log files! or provide more details of that drives

 

Perhaps I wasn't clear in my question or you didn't understand it. I would like to know in general if a firewall can block a backup drive from accessing the internet, and if not then what other method is there?

 

How can a backup drive access the internet? By its own? The hardware calls the internet? You need to be more specific, that's why the question of the previous user. Otherwise your problem makes no sense.

 

Really? I'm certainly capable of making no sense, but I'm surprised this is one of those times. If malware got onto a backup drive, couldn't it try to connect out?

 

It must first infect the OS (running somewhere I guess, lol) to access whatever devices connected to the infected system. So, unless you explain better what you mean, it's hard to provide a sensible answer.

 

The malware on your backup drive would have to execute and get into memory before it could connect out. Just being a dormant file residing on the drive itself would not cause any network concerns. Your concern would be addressed by blocking anything from executing from your backup drives.

 

1 + 4 = easy, 2, 3, 5 = requires some knowledge, 6 = requires OS-knowledge

1. Disconnect drive (plug-in)

2. Encrypt drive

3. Use a NAS and require user ID/password for (session) access

4. Use a special application see hxxp://en.softonic.com/s/drive-lock-software-windows-7 for (usage) acces

5. Look for confidential folder or block file access options in software (like DefenseWall Firewall has, AppGuard and Sandboxie). This will stop guarded (untrusted) applications seeking internet connection to be unable to read them.

6. Set an ACL on it for users, see picture (you need to run explorer as admin, with right click mouse, properties, security tab, to reset these permissions again).

 

That makes sense, thank you. Any suggestions about the best way to block anything from executing from a backup drive?

 

Thank you Kees, as usual I understand how to do about half of that, but I'll look into the rest and put in place as much as I can. I was beginning to wonder if I could use Sandboxie to limit what the files on the backup drives could do.

 

You could use Windows 7 AppLocker. The default ruleset should be enough to accomplish your goal.