Domain: clonezilla.org
Stories and comments across the archive that link to clonezilla.org.
Comments · 26
-
Re:backupsLots of options. Here's the important stuff:
Hard Drive Encryption is the best solution, IMHO. There are Self Encrypting Drives (SEDs). Many solid state drives have encryption built in. Sweet. Nothing but fine. You gotta turn it on though. RTFM.
PGP Hard Drive Encryption is great. And there's Bitlocker (Windows) too.
Yes, backups are a very good idea. And backing up to or having your backups at multiple locations (Distributed Architecture), even better. But you gotta plan for updates. Just a thought: sensitive files should be encrypted, period. And if all your secret stuff is already encrypted, do you really need to encrypt your backup?
Online backup services are available too, like Carbonite($). Good rep. Haven't tried 'em.
For a full system image, trust Clonezilla - IFF you get it from the source (http://clonezilla.org/). It's straightforward, but read the docs anyway. There are other options, but I go with what I know. And I know that if you're moving from a Dell(x) to an Asus(y), a full system image might not be what you're looking for.
For small stuff, like documents and files, you might think about copying to a Flash drive. Just a warning: they are notoriously easy to recover deleted files from.
Don't forget to backup your
.vimrc, if you're into Vim. I forget every time. -
Re:What exactly are you backing up?
Agree, in my experience Clonezilla does as well in this arena as the commercial offerings. Be wary, however. All of these products can behave a little funny sometimes in certain environments. Whatever you choose, test it out all the way through a backup and recovery before relying on it.
-
A duplication of effort
This sounds like a severe case of "Not Invented Here" syndrome. We already have a fantastic image archival and replication system in http://clonezilla.org/ , any budding developers would better serve by contributing to the various projects that make it up.
-
Here's how I'd do it
1. Create a linux image (you can use Clonezilla, g4u or Ghost) that requires labusers authenticate to either LDAP, AD or something so you have their actual user details for logging and auditing. Alternatively you could boot it from the network or from CD. Another alternative is to use deep freeze.
2. Ensure that the system is checked for integrity on startup and the latest image is downloaded and applied if it doesn't match the correct version. cron a reboot that forces this if you're worried about users doing stuff and not rebooting.
3. Ensure that logs are written to a syslog log server or that you get the authlogs somewhere (who logged in where, on what ip address and when etc...).
4. Give users as much access as you need to (yes, even root). If they do anything wrong you have audit logs and because of the imaging unwanted software and programs will be removed. -
Re:I use it for linux distributions
How would you use broadcast or multicast to distribute an OS? Call me ignorant, but how would you do that in practice?
Pretty easy to setup using Windows Deployment Services
http://www.windows-noob.com/forums/index.php?/topic/452-how-can-i-multicast-an-image-in-windows-deployment-services-windows-server-2008/Or if Linux is your preference
http://www.udpcast.linux.lu/Or Clonezilla has a multicast restore function
http://clonezilla.org/clonezilla-SE/use_clonezilla_live_in_drbl.php -
Preserve, and nuke it from orbit!
Backup first, preferably disk-to-disk low-level copy so you preserve the state of the machine. Buy or bring a disk with the same capacity or bigger than what he already has. Use something like clonezilla to make the copy. Assume the backup *is* contaminated. Do *not* mount the drive on a machine with the same OS. Retrieve document files using a different operating system from the one your Dad's machine was running, scan those files until they are squeaky clean. Restore only what is absolutely necessary. Keep the backup handy for when (if) you talk to the police and/or bank.
An alternative approach rather than backing up and nuking the original disk would be to leave the original disk untouched, simply take it out of the machine, swap in a new/clean one, and start the reinstall from scratch. This would get your Dad up and running again and let you explore the original disk at your leisure, again not from a machine running the same OS. You don't say what system your Dad is using, but if it is a Windows machine, you could run a linux machine and explore the disk relatively safely after mounting the ntfs disk read-only.
-
Re:Unfortunate Reality of Being a Linux User
Wouldn't it be easier to just create an image using Clonezila?
Mod parent up!
I use Clonezilla on every new system I get. *Before* I boot, I clone the disk. There's no illegally downloading some ISO at all involved. If something goes wrong during "play time" (Like installing some odd FreeBSD or Linux distro) and the system decides to quit working (via either hardware or software) I re-image, make the RMA call and relax while my replacement comes overnight express.
I also run HD exercising programs that check the disk for defects. Only after I've done that do I rip windows off the machine and replace it with something else.
-
Re:Unfortunate Reality of Being a Linux User
Wouldn't it be easier to just create an image using Clonezila?
-
Microsoft one push-button Reset®
"Microsoft, in its infinite wisdom, will provide push-button Reset and Refresh in Windows 8"
You mean like Lenovo One Button Restore
"Windows 8 will include a new tool called recimg.exe, which allows you to create a hard drive image that Refresh will use"
You mean similar to CloneZilla? -
Re:Ghost
i think you are looking for ping
http://ping.windowsdream.com/or g4u
or CloneZilla
or dd > gzip > ftp (which is what g4u does, actually). -
Re:Homebrew
A simple solution we use..
A DOS boot disk that connects to a network share. In that share we have some bat files that run ghost for a backup and some bat file to run a wipe. The boot disk actually loads everything to a ram drive that is created so the boot disk does not need to stay in the computer
Boot up the machine with the boot disk (or boot USB stick). Once the drive maps, run "backup someuser", backup is a bat file that runs ghost with switches that breaks the backup into 700MB chunks with fast compression and puts it in a directory called someuser.
@ECHO OFF :: Check to make sure a username was entered on the command line
IF "%1"=="" GOTO noname :: Ghost the users computer to the network repository
cd m:\
CD images
MD %1
CD %1
m:\GHOST\GHOST.EXE -clone,mode=DUMP,src=1,dst=m:\images\%1\%1.gho -fro -NTIL -autoname -split=660 -sure -z1
GOTO exit :noname
CLS
ECHO **** ERROR!!!
TYPE m:\scripts\noswitches.TXT :exit
CLSECHO **** Backup complete ****
ECHO
ECHO Remove Boot CD/Floppy before powering down!
@EXIT
Once the ghost process is done, we have another bat file called wipedrv. It runs with switches and does a 3 pass wipe. I don't remember where I found wipedrv.exe file but it was freeware, it has a date of 12/11/2000 and is 70KB in length.
@echo off
m:\wipe\wipedrv.exe 0 /L2
ECHO WIPING process has ended.This process can be modified to work 100 different ways. If you do not have old school DOS boot skills (who does anymore?) or recent ghost exe files, you can try Clonezilla Live for the imaging process and any one of the many Linux based wipe disks.
-
Re:Invisible?
Not that I knew so at the time, but the first thing you do after buying a computer should probably be to fire up a copy of Clonezilla and image your disk. (Then, after you've cleaned all the crapware off of it, image it again.) Since I'm a CSSE student, I was lucky enough to be eligible for a free copy of 7 Pro which was totally crapware-free, but I ended up imaging it anyway when I fell victim to some malware just a month after reinstalling. So if I get infected with something again, I'll have to reinstall most of my programs, yes, but not the whole system.
-
Re:Norton Ghost
I just recently used Clonezilla to clone my work XP machine's drive and restored from the clone to verify that it worked. Awesome project if you ask me. That supports ext4 etc. It also makes it trivial to clone to a network share, something that seems to be absurdly difficult with Ghost.
-
Clone the disk
I've found the easiest way to handle the lack of recovery media is to purchase an external USB drive, install Clonezilla on it, and take an image of the hard drive before I ever boot from it (or overwrite it).
-
Re:Hard disk failure? Unlikely...
So the answer everybody is over looking is don't buy it if it doesn't come with an install CD.
...
Seriously if you shop for the cheapest you will get the cheapest. The companies really are giving you what you want and are willing to pay for.
Think of it this way. The average person when looking for a PC if they see two identical machines but one is $10 then the other because it includes a recovery CD will buy the $10 cheaper machine.
I am adding $10 because it takes time to burn, test, pack, and replace bad CDs under warranty so you need to charge more then $1 or so that a black CD will cost.
frankly if you buy a machine and it lets you burn a recovery CD that should be the first thing you do.
Other options for the slashdot crowd are.
http://www.clonezilla.org/
and
http://www.partimage.org/Main_Page
Hey make your own back ups folks and you will not have this problem. -
Re:A GUI for the motherboard?
How does FOG compare to CloneZilla? I know that resizing partitions is still a bit awkward in CloneZilla, and this was one of the things that I liked to do a lot of with Norton Ghost once upon a time.
-
Re:just install linux the next time you reformat
Next time you reformat, make a ~20gb scratch partition in a non-windows-type.
Then use CloneZilla to make an image of the working system and store the archive on the scratch partition.
I did this to my parent's computer and left them with a CloneZilla bootable CD. They haven't actually USED it yet, but I anticipate that the restoration process will go much faster next time, and can probably be directed over the phone instead of them waiting for me to be next to the PC. -
Re:Ok well I disagree
CloneZilla? It's linux-based, but it'll run as a LiveCD (aka, put the CD in and reboot). It comes in Live and Server editions for different needs. The backups are fast and you can choose how much compression you want as well. It can connect to remote drives and physical drives and I've just tried running the server edition at my old school (I volunteer there) and it works great! We got a whole lab of computers-around 20 of them-in only 3-4 hours! They were all running Windows XP.
And IIRC, it supports FTP and Samba/NFS. http://clonezilla.org/ for the regular LiveCD or http://drbl.sourceforge.net/ if you want a live server edition.
-
Once again with the "nofix"
If you can confirm that there was malware on the system there is no cure except to start with a clean image - preferably one you stored with an imaging tool like the free Clonezilla prior to accessing any network at all or any untrusted media. Putting a clean image on can take 5-30 minutes, and is certain to remove all traces of infestation. It's actually quicker than scanning. Once you've got a confirmed hit your only business using a compromised machine is an inspection of the features that got the user into trouble so you can turn those off after you image, and capture for them a more suitable image.
There's a tired old nag about no software being secure but really one thing is for certain: once an app has been running that's known to be infested it got there because the maker knew something the user didn't. Among the other things the user doesn't know are how many other applications the malware infested, how many running services were leveraged with local privilege escalation, how many rootkits of various sorts were installed. Most modern malware immediately upon installation scans the local system and sniffs the network. They look up components and download a cocktail of toxic code that's both tailored to the specific machine and randomly generated so as to be unique. There's a management system that auto-permutes millions of vile code variants every day, and uses a genetic algorithm to determine which of the little beasties is the most efficient. This is not your dad's malware ecosystem.
Pretending to remove malware is nothing short of malpractice. All you're doing is helping the bad guys by pointing out which modules survive a cursory attempt at cleaning.
-
Re:Not MS sponsored.
I was actually quite excited when vista came out as I was hoping that promises would be kept and my life would be made easier by not having to help friends and family sort their computers out once every six months.
That isn't going to change ever. Get yourself an external USB drive and a pendrive with clonezilla. After you put them back together next time, make a clone of their hard drive. That way next time you can be done in 20 minutes.
-
Re:ease of deployment
Right now, ghost is still the most efficient way for us and our number of users, but I can see that changing.
And yet another corner of the mighty IT Ecosystem gets pulled under the Microsoft umbrella, with predictable results for competing platforms. It's a good thing there are open source solutions Microsoft can't kill.
They're after Adobe, too. All you Photoshop fans should be really nervous.
-
Re:No wonder
3.b. Make a clone image of the system to an external hard drive so that next time you can be done in 20 minutes. I recommend clonezilla for this because it's free, boots from a pen drive, supports Windows and Linux, and will save to a USB drive or open Windows share on the network.
4) It is usually a good idea to use something else than Internet Explorer for surfing
;-)Another good tip is to load a good hosts file. You would be amazed how much it helps. There's no host like localhost. It's cheezy, it's retro, it's cheating. But it doesn't cause cancer.*
*This statement has not been evaluated by the AMA. Void where prohibited. Your mileage may vary. Everything causes cancer.
-
anyone already says CloneZilla?
http://www.clonezilla.org/ basically you must download the ISO LiveCD, burn it to a CD, boot from it, and make an image to another drive, usb, ssh server, nfs, etc. also the resulting image can be compressed. I've just imaged a 40GB partition with 22.5GB used to a 5.12GB archive bzip2 compressed, it took 90mins aprox.
-
i use becose of family (children f* evithin up in)
i Use http://www.clonezilla.org/ to backup the HD. nomaly i only backup the patision were the system is on, a 100GB HD i take 20 GB for the backup then it don't take me 3-10h to install windows + programmers + setup then it only take 10 mins. to get back on and the children can play agen. fist time i say to my border nothing can go rung it took him 10 mins to fuck windows up
:) he was 6 at that time -
Re:Once again...
Correct me if I am wrong, but, you don't even BEGIN to mention how to clear a shot bootsector did you?
You're wrong. Wipe and reinstall from known good media does clear the shot boot sector, as well as everything else. The only malware that can survive this process are either on the installation kit (none currently available, though it has happened in the past) or firmware (also, none known, a theoretical threat at most).
Of course I assume a pristine image backup. A good image backup is a necessary part of first line support for every PC. Whether a user is supporting their own system or tech support falls to some third party, gradually installing all the software in a useful desktop PC takes time. Performing a clean install from source media is an essential step of preparing even a new PC in order to eliminate OEM included software nonsense. clonezilla is fast, reliable and free. It's good professional guidance to tell people to build an image with known-good software with all available patches and make an image backup before connecting to the network and again after all the software that must be "activated" has phoned home. It's work but it's background work every PC needs to operate in the current untrusted network environment. This practice pays off with just one restore and systems should be restored from a known good image periodically whether compromise has been detected or not because sometimes compromises go undetected and systems develop cruft over time that destroys performance and distracts from the work of the day. Guiding people away from that sane "provably safe foundation" principle borders on malpractice.
It's also good guidance to recommend that people operate from a restored snapshot image rather than just taking one. That way they know for certain they can restore the snapshot from a tested backup and it will work.
If people don't have a clean image then recommending they build one as part of the recovery practice while wiping and restoring to recover from a rootkit is sound guidance also. The only problem with this is when people don't have reinstall permission, rights or media. Those people aren't going to listen to anything you tell them anyway.
Again: Please don't tell people to try to "repair" rootkits or viruses. Repair is not reliably possible. At worst it communicates to the undetected and unrepaired malware that the unit is a real person, not a honeypot, and that they're clueless about security. In that way it makes them more of a target and decreases rather than increases their security.
-
Wow.
Now I'm arguing with a famous anonymous coward. Cool. Y'know, Rob Enderle gets himself into print a lot too.
Wiping and reinstalling doesn't have to be painful. If you catch a good image with clonezilla you can restore in just a few minutes. It's actually faster than scanning the whole PC, don'tcha know.
Oh, and I don't need any blue ribbons on my shirt to point out the blatantly obvious.