WWWalker's Disaster Recovery

Links

Backups

Disaster Recovery Plan

Every business requires a disaster recovery plan. We can assist you with setting this up and maintaining it to make sure you have your system restored in good time.

We have survived a number of disasters in our computer systems ranging from disc crashes to monitors failing. You need a backup strategy and several copies scattered all over the place to ensure survival. Redundancy is very important. These days this is called cloud computing where files are stored on the Web and do not require the local PC to be as protected. If the PC crashes, a new PC is bought and the work continued using the system on the Web.

Many sites and small businesses now backup their entire system remotely to enable them to recover from disaster or loss in their main site.

External Disk Drives Not Responding

In January 2017, I bought an HDD all in one docking station on eBay for 2 external hard drives that no longer responded due to interface cards failing. I got drives out of external drive chassises then loaded them one at a time into docking station and read them OK via USB on PC! This saved 7 years of backups being lost!

NAS

In March 2011, we were going to do remote backup using NETGEAR ReadyNAS but by October 2017 we had done nothing and will cease supporting NETGEAR due to PowerShift Partner site going down indefinitely and NETGEAR staff moving to USA and Australian staff changing.

Cloud

Backup and restore of EC2 instances on Amazon Web Services can be done via snapshots.

In February 2017, Cloudflare had massive data breach to all sites using them as DNS servers (domain cloudflare.com). Domain registry needs to have password reset.

In January 2017, we migrated our Website hosting from Linux hosting to Amazon Web Services EC2 Linux instance. This involved backing up site and mail and using Amazon Web Services S3 to migrate to an EC2 instance. We then used third party DNS to delegate the site.

Instead in June 2012, we did backup and restore to Amazon Web Services S3 storage in the Cloud to move a huge mailbox from one hosting site to another. This is a very quick and easy way of moving large amounts of data for small business applications such as hosting, email or backup files. We did this again in November 2012. In June 2013, 12 month free tier ran out and I am now paying a small amount per gigabyte per month till I backup all data to a local drive on my laptop.

In February-March 2012, Symantec Netbackup and EMC MozyPro cloud-based backup services are being offered which we can setup for small business clients to give them extra flexibility and robustness in these tough economic times. A server can be rebuilt on a physical or virtual server from a backup stored in the cloud.

NAS can be used for remote backup akin to Dropbox.

Find Lost Mobile

Find and lock lost Windows device

In February 2019 I discovered if Windows Phone is lost, go to account.microsoft.com and select device then click 'find device'. This only works in IE not Firefox. It also assumes phone is registered with Microsoft before it is lost. Last known location of phone is shown on map.

iOS and Android phones also have similar find lost phone feature.

Windows Phone location is updated every so often and this is logged with Microsoft so phone can be tracked down to nearest location.

I had to backtrack and find Windows Phone manually as I was using Firefox and account.microsoft.com did not show me location. Later I discovered only IE worked for finding phone on map.

I rang phone using Skype but person nearby did not answer it so it went to voicemail. It is impossible to get round people problems like this.

Only Windows 10 has 'fine my device' feature not Windows 7. With Windows 7 use account.microsoft.com.

Mobile Backups

Cloud

In January 2012, we also imported contacts from another phone's SIM to a Nokia MeeGo phone.

We used Nokia Account to backup contacts from Nokia MeeGo to Web and then restore them from Web to Nokia MeeGo when phone was flashed. We also imported the contact CSV file into a private Web database.

We will also import contacts from another phone via Bluetooth.

We downloaded lost apps from Nokia Store.

SMS messages were not backed up so were lost when the Nokia 6230 was lost. Backup at Nokia Care did not work on the old Nokia 6230's SMS messages but on everything else - phone numbers, images, audio files, video files.

Migrate Phone Numbers to New Phone

In September 2018, my Samsung Galaxy Pocket Neo power button stopped working so I moved the micro-SIM to a Windows Phone 8.0 Nokia Lumia 820. I then imported contacts from Microsoft Outlook Live account by logging into Microsoft Hotmail/Live account and synchronising. Google Contacts also had contacts which would be imported manually as Google Account won't login due to security issues. I upgraded from Windows Phone 8.0 to 8.1 (600MB 35 mins) but that model won't upgrade to Windows 10 Mobile and may apps won't work so I used browser or another app. I transcribed data from car app to spreadsheet before crash. I lost SMS messages and notepad notes. I needed to export them using Samsung Smart Switch Windows tool and Android app and USB cable or WiFi before crash. Samsung also had Samsung Members app for Android for support I did not know about till after the crash.

In November 2018, after I had restored Samsung Cloud to Samsung Galaxy Note II, I found Smart Switch does not backup contacts only messages and other data from new phone to PC. I used dr.fone to backup the contacts and messages etc on phone to PC but it only works direct to phone. No data is available to be exported into CSV etc.

In June 2014, my N950 died so I had to export phone numbers from account.nokia.com as CSV and convert them to VCF with a Windows tool and import them into a Samsung Android phone. Some of the phone numbers were not imported, just the person's name.

Samsung Cloud Contacts

Samsung Cloud Backup Terms
"To protect personal information and procure resources necessary for use of the services, we have added Paragraph 9 to Article 3 to state that data regarding customers who do not use the Samsung Cloud services for a long period of time (i.e., 12 months) will be deleted and Paragraph 10 to Article 3 to further state that backed-up user data which has been unused for a long period of time (i.e., 12 months) will be deleted."

In November 2018, I got a Samsung Galaxy Note II which I did a factory reset on by holding volume up (left), bottom button and power button (right) simultaneously. I then setup Google and Samsung accounts on new device and restored contacts and messages using WiFi.

Reset Samsung Galaxy Note N7105 (Hard Reset)

On September 2018, my Samsung Galaxy Pocket Neo Android phone died. Only way to restore contacts backup on new phone was by buying another Samsung device and sycing as Samsung has a monopoly on data backed up to Samsung Cloud.

On 27 October 2018, Samsung Cloud terms changed so that backups will be deleted if not used for more than 12 months. So I have to buy a Samsung device to sync my contacts from old phone or they will be lost.

I should have exported contacts from Android before this hell of being trapped with Samsung Cloud occurred.

Android backup does not backup contacts only app settings.

Nokia N950 Backup

The Nokia N950 froze up and said 'too frequent boots - reflash device' when I tried to boot the phone when the battery was nearly flat and had inadequate power to boot. I ignored the message and powered up using power switch and the device luckily booted. I then backed up images and audio recordings via developer SDK. I plan on writing an FTP tool that will allow users to backup their phone's images, video, audio, phone numbers and SMS to an FTP site of their choosing via USB, SD Card, wifi or 3G. A Linux single user mode needs to be setup so a Nokia support person or developer can boot and rescue important files before reformatting and reinstalling the system. Too much vital information is stored on a smartphone and proper backups need to be setup or the phone will lose vital data if it crashes with a disaster recovery plan.

On Nokia N950, I did Settings / Sync and Backup / Backup and then FTPed the Backup files to the PC or select 'use as mass storage device' when USB is plugged into phone. Go to Accounts / Nokia / Synchronise to backup contacts to account.nokia.com. To enter changed password, go to Store / Download an item.

In March 2012, the Optus SIM card died so I had to get a replacement and restore contacts to SIM from Optus Backup, Nokia Account and Nokia N950 contacts.

Optus SIM Backup Down 2 months

In March 2012, I replaced my Optus SIM card.

Optus SIM Backup was down for 2 months with no end in sight.

I got Optus to email me the last backup as HTML table which I converted to CSV using app. I later imported it into MySQL for safe keeping.

New Optus SIMs do not have SIM Backup plus I would not rely on it but would use Nokia Account if you have a Nokia phone to backup and restore via the Internet over 3G as it is more reliable.

Nokia/Windows Phone Contacts

On 24/5/15, Nokia Account was replaced by Microsoft Account. Only Microsoft Hotmail Outlook Live contacts can be synced to Windows Phone not Samsung or Google.

Windows Backups

Corrupted Restore

In May 2018, a contact had not tested their restore of Windows XP backup of Kasperksy and restore failed causing BSOD (Windows to crash on boot).

They tried safe mode but that did not work and did not want to do a new installation of Windows losing all their software and data.

Windows registry and c:\windows\system32 files had to be patched or restored or last known configuration used to get system to boot again.

Macrium

In March 2012, I tried several times to use Windows 7 backup tool to backup a laptop but it was so slow and unclear which files were backed up or whether the backup job had failed and where the image was stored.

In the end I did a quick, successful backup using Macrium Reflect which was clearer to select partitions to backup and easier to restore from an image using a network drive.

In June 2015, Macrium Reflect 5.3 64 bit worked OK in Windows 8.1. I had to deactivate license from previous crashed Windows 7 laptop to use it on Windows 8.1 laptop.

ResourceMate Library Catalogue Restored from Backup

From 2008 onwards, I used ResourceMate on Windows laptop to catalogue 3500 items of my father's theological library to edit a book by him "Enriching Australia through educating indigenous people" by S Preston Walker still not out in 2018 10 years after starting due to lack of resources.

In October 2018, when I opened ResourceMate after months of not using it, I discovered all the data in the catalogue had gone so I restored the database from a ResourceMate backup file and got back 4087 items.

This saved me years of work. Thank goodness I backed up the catalogue to hard drive when closing the application.

I plan on upgrading from ResourceMate 3.0 Regular to Essentials in 2019 to ensure the database is still readable by new versions of software.

MSP

If hosting or remote service is provided by an MSP, customer then only pays a monthly fee for maintenance, backup and security.

Security

Linux Attacks

hardening of Linux server
firewall
- fail2ban - stop constant attacks on site via Web server or ssh or postfix or dovecot (mail) 11/18
- iptables firewall
ssh login
Apache
- Modsecurity - Apache module
  - OWASP (Open Web Application Security Project) - security scripts on Apache
  - detect bots attacking server

Bitcoin Blackmail

AML (Anti-Money Laundering)
Anti-Money Laundering and Counter-Terrorism Financing Act 2006 Australian Govt

In March 2019, I received blackmail emails wanting payment in Bitcoin. They had allegedly hacked my email or had a video feed via non-existent Webcam and wanted payment. This is exploitation.

Bitcoin is perfect vehicle for fraud and exploitation worldwide by hackers of digital assets like email or Websites or Webcam or phone cams as it gets round anti-money laundering protection of banks.

Bitcoin can be tracked to receiver.

Data breaches, that feed this exploitation frenzy, need to be prevented by better IT security.

Data Breach at PageUp People

Unauthorized activity on IT system - PageUp 5/18

In May 2018, PageUp People, a recruiting agency portal, had a data breach by hacker gaining access. Red Cross, UQ, Coles Careers, Telstra, Queensland Rail etc used PageUp for recruitment services.

People who had their identity hacked can gain help from IDcare who handle identity and cybersecurity issues for people.

Those whose account has been hacked need to change their password.

Spam Assassin (Email Filtering)

In January 2016, we configured Spam Assassin and account level filtering to move spam into Trash based on Spam-Score threshold. Before that spam was mixed up in the main email inbox and took hours to delete or remove. It mostly gets it right, otherwise the reader can rescue any misclassified spam and move them back to the inbox.

Facebook Security

In September 2014, I was locked out of my Facebook account and I had to provide ID to get back in when I added as a friend a fake entry for Australian Cane Farmers Association. That fake entry was deleted by Facebook.

In 2012 or so, my login on Facebook was infected by a virus when someone from Orange City Council I was a friend of on Facebook shared a post that made out I was swearing at all in my group when I clicked a link on the post that had reverse meaning to what the link did. I unfriended that person to stop this.

Malware Removal

Kaspersky Labs (antivirus)
Immunet Antivirus (ClamAV)
Remove Mixi DJ Toolbar
Malwarebytes Premium (Windows)
Windows Defender
Microsoft Security Essentials
AVG
RKill - kills malware processes
http://live.sysinternals.com/procexp.exe - process explorer
Windows System Restore in Control Panel - restore to backup before malware entered e.g. 30tab.com in browsers on Windows 7 PC in 14/12/17
Using Windows System Restore

In May 2013, a Windows 7 was infected with MIXI.DJ browser plugin when I installed CrossFont (converts Mac fonts to Windows fonts), so I uninstalled it and several games and removed it from add-ons, search engines and default page in Firefox and Internet Explorer.

In April 2012, our Windows 7 laptop was infected by Security Shield malware which blocked all apps including browsers, delete and rename and made the PC run very slow. Safe mode and using a Linux PC were ways to download an antivirus or antimalware to remove it. We tried PC Tools Spyware Doctor with Antivirus, AVG, Windows Defender and finally Malwarebytes Anti-Malware.

Malwarebytes Anti-Malware full scan is very slow, taking 7 hours for 500,000 files. AVG did the same in 2 hours.

Microsoft Security Essentials detected Rogue:Win32/Winwebsec so I let it remove it.

The first video is better but the second video has info about http://live.sysinternals.com/procexp.exe for seeing and killing processes running when task manager is blocked.

Meltdown and Spectre CPU speculative execution cache reading bug

Windows Update on Windows 7 crashes PC KB4284826 6/18
- this crashed my Windows 7 Dell Optiplex 380 PC and it had to be restored to earlier restore point after several reboots
- patch for Specture on old hardware crashed PC and it would not boot
- Microsoft promises a correction of this update
- Go to Control Panel | Programs | Installed Updates to uninstall this bad patch
- InSpectre free tool to see if Intel CPU is liable to Spectre and Meltdown bug
- Here's the Status of Meltdown and Spectre Mitigations in Windows 6/18 list of Spectre and Meltdown Windows Updates and their side-effects
- Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities
Intel pledges better transparency about Meltdown debacle 1/18 patches for CPUs under 5 years old then older processors
CPU-Z test tool identify and benchmark CPU
Microsoft's Spectre fix bricks PCs with older AMD CPUs 1/18
Google promises Spectre fix that won't slow PCs 1/18
Data centre storage performance hurt by Meltdown-Spectre patches 1/18
Meltdown and Spectre fix will slow down machines 1/18
Red Hat dumps Spectre CPU patches that brick servers 1/18
Intel releases Meltdown microcodes for thousands of processors - Linux 1/18

In 3 January 2018, Intel CPU had bug that cache in kernel could be read by user so passwords and security keys could be sniffed. Operating systems have been patched including Windows, Linux, MacOSX, Android and iOS. This is a very esoteric bug. Older hardware is not affected. CPU speculated on result of if statements in logic and executed and stored results in cache which someone reading through memory could find via side-channel (internal memory).

Patches brick CPUs.

Antivirus can block fix so check status.

Easy explanation of Meltdown and Spectre

Harder explanation of Meltdown and Spectre

WannaCrypt Attack

Around 15/5/17, WannaCrypt Ransomware worm attacked 200,000 Windows servers in 150 countries through security exploit and brought them down. Servers had to be patched and rebooted.

What to do if you've been hacked 5/17
Report attack to ACORN (Australian security group)
Reuters report on WannaCrypt attack 5/17
WannaCrypt is Malware so use Malwarebytes to remove it
WanaCrypt0r ransomware hits it big just before the weekend 5/17
ShadowBrokers fail to collect 1M bitcoins and releases stolen information from NSA hacking tools 4/17 which caused WannaCrypt hack
ShadowBrokers releases more stolen information from NSA (Snowden Wikileaks) 4/17 which caused WannaCrypt hack
HTTPS Everywhere browser plugin to use SSL on all links so man-in-middle attack will not work

Web-Based Systems

reCAPTCHA for protecting Web forms from spammers

In April 2017, I upgraded to Google Recaptcha v.2! It took me 2 or 3 hours to work out syntax! Recaptcha now uses JSON and Javascript as well as PHP.

We removed Sweetcaptcha because it has been infected with ad links.

Installing Google reCAPTCHA on Web site forms to prevent bots trashing the email system is also done by us. Contact us for an example. No more bots get through now.

Data Integration of Financials with Web Portals

In October 2010, we moved our bookkeeping to a private Web portal rather than rely on old PCs and managing upgrading Windows. We do bulk uploads of records to Web and report for tax purposes and business accounts using the Web instead of PC software making us more agile and flexible and not forcing us to come back to Orange to do accounts.

Cloud computing is where the user uses applications loaded from the Internet. The data is stored offsite, perfect for mobile applications or disaster/recover options for small businesses with small IT budgets and pay by the month modes.

Monitoring

In February 2012, we provided Web-based email-to-SMS alerts for ourselves or customers on a 24/7 basis using our own online scripts that monitor emails for specific criteria. Later we will use Nagios when have more resources. We also examine standard logs and deduct the best way of repairing the security breach or restoring the system to a safe restore point from backups.

Mailing List Archive Backups

In February 2012, we are working to recover a 1980s style system Lyris ListManager mailing list after the server was rebooted and only part of the list archive was restored from backups. Later we may migrate it to Mailman. As the original was lost, I found a copy of a personal flat file Eudora mail archive, munged it with Python, Ruby, PHP and flex and am migrating it to another Website. Others converted an HTML archive of earlier years to Word and uploaded it to box.com and Google Docs as redundancy.

System Upgrades

Windows

Windows Lifecycle Fact Sheet end of life dates when support and Windows Updates stop
Windows 7 Wikipedia end of life 14 Jan 2020
Windows 8 Wikipedia end of life 10 Jan 2023
Windows 10 Wikipedia end of life 14 Oct 2025
Windows Phone 8.1 end of life 11 Jul 2017

Windows Update not working on Windows 7

In January 2017, I installed new client for Windows Update on Windows 7 and installed over 200 updates. Before that no updates were done as the client was faulty.

Windows Upgrades and Cloud Computing

Office 365

Your email, Microsoft Office, Exchange and Sharepoint can be migrated to Office 365 by us. We are qualified administrators of Office 365. We did this in June 2016 in Caboolture for a Windows 10 laptop customer and migrated their email and address book from Outlook .pst file.

Mobile Support

In September 2018, I upgraded Windows Phone 8 to 8.1 but could not upgrade to Windows Mobile 10 due to my Nokia Lumia 820 not being supported.

PC Support

As Windows XP support expired on 8 Apr 2014, we are able to migrate Windows XP, 7 or 8.1 to a Windows 10 or into the Cloud. No more virus updates or patches will be available after that date so the system is vulnerable. This will require wizards and backups to be run and software and data migration from old applications to those that will run on Windows 8.1.

In July 2015, we upgraded to Windows 10 including installing drivers for biometrics and Web camera from earlier versions of Windows.

In April and August 2012, we upgraded Windows XP systems to Windows 7 including a backup. In January 2014, we upgraded a laptop from Windows 7 to Windows 8.

Microsoft Money is obsolete and only runs on Windows XP. Data from financial information needs to be exported and imported into software that is supported either on the desktop or into Cloud software like we did.

Other common jobs are rebuilding PCs with Windows XP, Vista, 7, 8 and 10, Linux or FreeBSD.

Examples:

upgrade Windows 8.1 to Windows 10
upgrade non-geniuine Windows XP Pro to Windows 7, setting up an ADSL/Wifi hotspot, transferring email to Thunderbird, backing up partitions to a 1TB external drive and stopping line dropping out
reverting from Windows Vista to Windows XP for InDesign to work to speed again with Dell quad-speed processor, not be a dog;
upgrade Windows 98 to Windows XP including setting up a wireless ADSL2+ router for a small business.

Linux

Linux Debian Long Term Support (LTS)

In June 2018, Linux Debian 8 Jessie was end of life and Apache was crashing intermittently, so as per Debian Long Term Support (LTS), I added LTS repositories and joined email list for LTS upgrades.

Virtualization

To save hardware, we can create virtual machines to run your applications. This allows us to run Linux and Windows on top of each other. We did this on limited hardware in Brisbane to enable us to test software running on FreeBSD, SuSE Linux and Fedora Linux all on a Windows XP Pro PC without having to install them on separate partitions. This is heaven for a sysop with a limited budget.

This flexibility improves agility and produces quick disaster recovery. This is what they had to do after September 11, 2001 in USA - move their staff to another location and rebuild servers from backups to survive using minimal hardware and working over the Internet from remote locations. Many sites or small businesses worldwide now backup to a remote server for a monthly fee per Gigabyte. This is now called cloud computing.

Using virtualization, snapshots of various operating systems like Unix, Linux, FreeBSD, Mac OS X and Windows can be saved and then reloaded on a totally different operating system allowing for very quick response should the hardware fail or a system be overrun with viruses or spambots due to lax security.

Common virtualization software includes VirtualBox, VMWare, Xen or HyperV.

This can also be done via Docker.

Testing

This is ideal for setting up various work or test machines without having to purchase many pieces of hardware to run them on.

If the customer provides us with a support ticket with configuration information in it to reproduce a bug, we can login to our own virtual server and reproduce the errors without having to go near their server and deploy a fix for the problem from our inhouse resources.

If the customer does not have enough modern PCs to run test machines, we can install VMWare and load a virtual operating system image to test systems at low cost and high efficiency and enable us to get on with the job despite a lack of dedicated hardware on the customer's premises. We have done this onsite in Brisbane when we were doing technical support for a small company and just could not get a spare PC to test systems on to achieve our objectives. VMWare virtual images are a great way to get around these hardware limitations often foisted upon us to save money by the customer.

As usual it is easier to spend our own time and money doing virtualization than waiting for ages for the customer to spend money then ending up doing it for them for free just to get a job done on time and make money. This seems to be how small businesses avoid paying any money - they put financial pressure on suppliers and in the end they donate equipment or time to get a job going rather than have it fold due to the customer avoiding investing in equipment and training. The tradeoff is we own the technology and bring our own tools to the job to avoid delays so the customer owns nothing and just gets a service.

As of March 2012, Veritas Backup Exec 2012 now supports VMWare and Hyper-V so only one backup for multiple Windows or Linux Virtual Machines on a host is required.

Tools

VMWare is mostly about setting up virtual machines in data centres. We do not use it much inhouse except for setting up a test machine. They are into 1000s of seats (licenses) per customer (enterprises) not little guys like me who have may be 1 or 2 licenses. They are a greedy big company. I do not recommend VMWare for small businesses only medium to large enterprises. Apart from their free VMWare player, everything else they sell is over $10,000 USD per licence.

VMWare has several open source divisions: Springsource (Cloud Java beans platform), RabbitMQ (messaging) and Zimbra (groupware) which is of value to me as an opensource developer. I went to a course in Brisbane in 2011 with Queensland JVM on Springsource and RabbitMQ.

We recommend opensource virtualization products like Xen Project.

VDI is Virtual Desktop Infrastructure so the user can run their desktop on a virtual server not their own PC. Microsoft, VMWare and Citrix support this.

Around 2014, we looked at Docker containers to run instances of operating systems.

Communications Infrastructure Disaster

In November 2012, Southern Grampians Shire Council was cut off for 2 weeks when Telstra Warrnambool Exchange burnt down. This is a lesson on having backup plans that are tested.

Due to excess data on Optus and Vodafone mobile networks being very dear at $10/GB, in November 2015, I setup TPG broadband at my home office to combat this excess data charges.

NBN cuts copper about 6 months after it comes to an area. Caboolture will be cut off in September 2016 so all people must switch to NBN or mobile for communications.

Council IT Dept tells of major failures after Telstra fire 26/3/13
Telstra exchange fire cost $408,000 a day 25/3/13
Working on the Warrnambool Exchange [after the fire] 29/11/12

Contact Us

Get in touch if you need help rebuilding, upgrading, recovering, backing up, virtualization of your system or protecting of Web forms from bots. We have experience with Windows and Linux both local and remote backup to disk, flash drive or tape and to the Web.

We have experience with gigabytes of backups.

Links

Created: 28 June 2007 23:10
Last Updated: 8 Mar 2019 12:12

WWWalker Web Development Pty Ltd

web counter since Apr 7, 2015