Ransomware Protection w/The Synology UC3200 - Stuxnet the Middle With You
Vložit
- čas přidán 15. 06. 2024
- Table of Contents:
0:00 - Skit
1:29 - Why do you need the Synology UC3200?
5:04 - Specifications/What is it?
7:36 - VMware compatibility
9:04 - How we're using it with our Tyan Transport CX TN73B8037
10:56 - Hyperconverged infrastructure setup
12:06 - Nodes of the Tyan Transport & Configuration
14:25 - vSphere snapshots misuse/danger
16:36 - VMware Replication & how to use it
18:26 - FULL CIRCLE - How to protect against ransomware/VMware weaknesses
23:34 - Importance of separating management interface
25:50 - Outro: How did the Synology UC3200 react to cutting its cable?
In this video, Wendell shows you his way of preventing ransomware attacks, thanks to our friends at Synology!
Hope you enjoyed!
~ Editor Amber
**********************************
Thanks for watching our videos! If you want more, check us out online at the following places:
+ Website: level1techs.com/
+ Forums: forum.level1techs.com/
+ Store: store.level1techs.com/
+ Patreon: / level1
+ KoFi: ko-fi.com/level1techs
+ L1 Twitter: / level1techs
+ L1 Facebook: / level1techs
+ L1/PGP Streaming: / teampgp
+ Wendell Twitter: / tekwendell
+ Ryan Twitter: / pgpryan
+ Krista Twitter: / kreestuh
+ Business Inquiries/Brand Integrations: Queries@level1techs.com
IMPORTANT Any email lacking “level1techs.com” should be ignored and immediately reported to Queries@level1techs.com.
-------------------------------------------------------------------------------------------------------------
Intro and Outro Music By: Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
creativecommons.org/licenses/b... - Věda a technologie
This is what happens when Wendell is left unsupervised with a big bottle of orange pop.
Wendell flexing his server room size again,
some people just don't have any bigger room than a cupboard under the stairs to spare.
Algorithm boost for that beautiful intro. Much love, Wendell!
Much appreciated! ~ Editor Amber
I like to think that Synology sponsored this segment not to show off hardware, but to show off Wendell's Reservoir Dogs homage.
Correct !
take my like just for the intro skit
Somehow I knew wendell was all about the new balance shoes
Thanks for making all of these videos on security/backups. Having this knowledge at hand certainly makes the prospect of setting up an externally accessible home server less of a butthole clenching experience. It's nice to know how to stay safe.
I like it when I feel like I _almost_ understood most of what Wendell talks about 😂
Such cool technology, amazing captivating chat and exposé. Thanks :)
That opening skit!! Wendell is amazing!
You got a Like just for that awesome intro. And the unknown unknowns reference? Visions of Donald Rumsfeld dancing through my head...
I don't know what that intro was but I want more of it
Just started a new job where im responsible for a small ESXi cluster running on this hardware. This along with looking through the config and scanning the manual is just what I needed. Thanks as always, Wendell.
Even while sick, that intro makes me laugh! Good job guys!
This video came out at the best time
As an insurance professional working in the Cyber lines. Thank you for making videos on this topic and discussing ransomware in general, i saw you had mentioned it in the podcast as well and really this is a national security issue as well. The number of claims and losses I see because basic segregated backups are not in place is ridiculous and now because of how hard businesses are being hit the cyber insurance industry is entering a hard market (supply of capital to insure risks is less than the demand). People don't have MFA at all, they don't utilize EDR or NGAV solutions they dont have basic security policies or escalation policies. It's ridiculous and frankly frightening.
Glad to hear from you. I can't remember the last time anyone covered how an attack was done / how the security failed. We need Wendell's info, but most of us can't afford this. We need some budget-practical best practices that work against actual recent attacks.
When I still had in-house servers at work, the UI interface for the VMs (XenServer) was only accessible if I plugged a laptop into a specific set of ports on the hub, then you had to configure the laptop for vlan tagging and connect to a specific vlan with a manual IP that didn't have a dhcp server. I didn't have enough experience back then to do snapshots on the NAS though, but I'd probably do that with a separate vlan and zfs now if I were setting one up.
I had the chance to set a UC3200 up as a target for a small non-HCI VMware cluster ... not quite a year ago, I think? IDK, time is immaterial now. Anyhow, so far it's been incredibly boring, which is exactly how I like my storage. This is an awesome overview, you've given me some ideas to go back and improve that configuration.
_Horrible flashbacks to a man getting his ear cut off…_
PS. Wendells puns are always on point. I really liked "Stdio 54"!
You are a good teacher Wendell, thank you.
I do like that Ransomware keeps businesses on its toes.
It's becoming increasingly common for criminals to target the backup itself to prevent the obvious. Sometimes the OS is altered so that backup files are silently encrypted as they get passed to the backup device and unencrypted if they come back for a period so that the backup itself becomes encrypted for example.
Kudos to Synology and Wendell (incl. Level1 Team).
Easter eggs or homages are great - and from now on, Wendell the Great shall be known: Dancing que... King!
Aem- as some of us like to tinker or use surplus jaddi jaddi ja, Wendell, Level1 Team & community:
pls do follow up videos & Info threads in the forums,
how a self configured TrueNas or (insert combination software
+ reused hardware here) which comes close to that great idea if Synology.
Bit rot and data corruption, redundancy auto failover, ransomware protector 3000 with (... add features)... so a "Beast".
Could be a great video season to bring some other solution up.
Cheers from Germany and keep up the excellent and astonishing work!
Clowns to the left of me, jokers to the right! Here I am, stuck in the middle with you..
Wendell channeling his inner Michael Madsen.
Mr Purple ?
Well, severing the ethernet cable is a foolproof way to protect from ransomware. ;-)
Well this intro is going to get that thumbs-up right away
love the intro wendel!
Always a great idea to put all of these gui endpoints behind multiple layers of security. Things like jump boxes + authelia.
This reminds me that cutting server room cables news you guys joked about.
This is actually a really clever intro
Comment for the engagement and Algo boost awesome intro
Who loves orange soda? Webdell loves orange soda!
Brilliant! Thank you!
Wendle proving he has "the moves like jagger"
Its also fun to play with purestorage flash arrays and veem :)
10/10 Great intro skit :)
I need to share this very recent information about my engagement with the quality clip
Intro: I feel Wendell is the end boss in some Nintendo game.
God you're such a dork. Love it!!
I have that exact, that EXACT snipper that you pulled out of your sock.
What's even weirder, is that I also have it in my sock when I work.
Does this make Wendell Mr. Orange?
Wendell! Please review the Qnap QSW-M408S since it would go well with this product i think.
wonderful floppotron music
No one does intro skits like Level1!!!
Is there a virus that makes your hard disks or fans spin too fast while reporting that everything's normal?
Dancing Wendell needs to be turned into a bunch of different GIF's.
Very cool
How about Proxmox or xcp-ng with the UC3200?
Oh Gods that intro 😄😂
1:03 "or even crazy people"
did you mean crazy strangers perhaps? Maybe even exactly six crazy strangers?
ok I stop 😆 If you want to feel old: that movie will be 30 years old next year
Stuff like Steves intel puns "back to you steve" "3080 tie" "you can literally see it", or this quentin hommage just makes this part of youtube the most awesome part.
When I discovered L1T, I came for the Linux, but stayed for the puns
Wendell I'm just glad those sneakers do not have Velcro straps .. How the hell did you get Michael Madsen to make a cameo, what an amazing dancer, Mr. Lavender ..
Noice! Too bad Synology collects telemetry like crazy. TrueNAS Scale for me.
Wendell you are insane
I think Wendel is installing gentoo in the beginning.
Does a system like this have zero loss or does the vm reboot when it redirects from one controller to the other?
Zero loss. The iscsi mechanism and ip failover mean failure of a node or switch is handled transparently
A cold storage backup saved me from ransomware via RDP.
you are adorable windel
Wouldn't cutting a network cable while its plugged in damage the switch and nic?
Wendell you remind me of my old boss Tom J.
Don't know what you don't know, until you know, what you don't know.
You cover redundancy well with the 4 node cluster but whilst they are still in the same chassis there seems to be still a single point of failure...
You need another one in another rack if you're worried about that :)
lol wtf that first minute xD
"No sane man will dance." - Marcus Tullius Cicero (106-43 BCE)
Gave your self the extra extra cable to do that I see
LOL! Data Reservoir Dogs!
"Larry, stop pointin' that f***ing gun at my Dad!"
24 hrs of Star Trek idle engine noises. 😂
Wendell just needs to throw some gas on it! Maybe Mr pink has it?
Snapshots slow down your running VM. Once you have a few snapshots on the same VM you will notice it. They are meant to protect against patches going wrong, whether app updates, or OS, but not meant to be kept for long.
hehehe, nice
Is that a toaster humming the song¿
i Came back for the joker in the middle skit
engagement
Mngegaeten
Mr. Orange 🤣
USB sticks to boot ESXi is the devil! boot the servers off an iSCSI target, in this case just roll back the boot image on the UC3200
just like NetApp 🤓
Steelers Wheel Lmao
Vaguely reminiscent of but an entirely original composition otherwise :D
I love sassying people who get ransonware or just plain lose data: "Luckily you can just restore from the backup which you surely have since you claim the data was important."
Mozart edited the intro.
I use RAID1 as my backup with admin/admin as the username/password.
you had a perfectly lined up joke to remove a rack ear.....come on wendall...
Wow, Wendell, that acting was just malicious!
Intel must have paid Synology to use their CPUs 😂
It’s all Synology uses and it’s been that way forever.
cringeworthy but informative