Page 107 of 108

Data Recovery

Data Recovery

Oh my gosh, my files are gone! Have you ever had that sinking feeling? Are you having it right now? Stop, turn off your computer, wait, not until you read this, but then you can turn off your computer.

The secret: when you delete a file or a lot of files on your hard disk you are not actually deleting them, what? You only delete the index entry to that file. Think about it this way, you have a large group of post-office boxes each one storing a letter in each one. So the word apple, would have one letter in each box. There is a directory on the disk which points to which boxes hold the word apple. Now, being efficient (lazy) computer people, when we delete the word apple all your computer does is delete the directory entry. If we go look in the boxes we can still see a p p l e. So all this is to say is that when you delete data it really is not deleted. But the boxes they were stored in are marked available. So here is the rub, if you delete something and then save something new, there is a high chance that you might overwrite that old data with the new data. Now your data is gone! So turn off your computer, really.

If you know what you are doing you can buy any number of software packages that will help recover the data. The problem is that if you install it after you have deleted the files you run the risk of clobbering your old data. What I do, and can do for you, is remove the drive from the computer and make a full image of the drive, that is a bit by bit copy of both the used and unused areas of the drive for safety. I then run some of the best (and expensive) recovery software available to search your hard disk for deleted data, once I find it I recover it to a different disk. Walla. Your data is back. Whew.

Each data recovery job is unique and I will look at the situation as quickly as possible and get you an estimate, I only charge $25 for the estimate. Typical recovery ends up costing about $100 to $200. I also offer rush service.

A little more detail, hard disks store data as magnetic charges, positive and negative charges on a spinning disk, sort of like an old fashioned record album. This disk spins very fast, typically 7,200 rpm. So if you think about bumping an old record player would scratch your album and put a skip in it forever. The same can happen with hard disks but instead of a skip your data is destroyed. Now this presents a problem. You data, or part of your data is damaged. But most times we can recover the rest of the file.

So for example, we may not be able to get your whole dissertation back but we can get the most of it back. Also, from time to time, drives actually stop working, either they stop spinning or they start clicking, this is, honestly, bad. There are a few tricks I can try to get the drive to work just long enough to try to get the data back. When all this fails, I work with special labs which can actually take the disk apart and install the platters (the album) in a new chassis. This can end up being very expensive. So in the case of physical recovery, we offer a service which will give you a list of what we can get back, before you commit to paying for it.

Back Ups – The Solution to Losing Your Data

I have a good friend who is a professional photographer and he attended a lecture I gave at a local camera club about data backup and safety.

For starters, remember that every hard disk will fail, it is just a matter of time. One of the things I mentioned is that you should consider having an external hard disk as a backup. So he heard that and eventually went out and bought an external drive, good. Once he got it home, he let it sit around for a couple weeks and then finally decided to connect it. Woohoo. So after he connected it he decided he would put all of his photographs on the new disk so he could have them all in one place. Maybe you can guess what he did wrong? He moved his files, notice I said moved, to the new disk, they were no longer on his computers hard disk. Now what did I say? I said use it as a backup or COPY. I can’t tell you the number of people who make this mistake. You need to have, at least, two copies of your files. So when one gets deleted or its drive dies you still have the other copy!

So what happened to my friend, well his brand new drive, only a couple of months old, stopped working, hmm, he brought it over and it was bad, really bad, it was not spinning, nothing at all. We had to send it to a lab that, after a lot of work, was able to get the data back. Well almost, the lab sent us a list of the files it could recover, a huge text file listing all of them and their sizes. He was so relieved; he reviewed the list and gave the go ahead for the recovery. Oh, no, we get the data back and he opens it up and there are only 6,000 files, wait a minute, what’s going on? He opened the list they had sent earlier and realizes that they got back everything they said they could. In his exuberance he did not look at the list enough to realize that there was not the 50,000 files he expected. He was sick, we talked to the lab and they said that truly that was all that was recoverable. He ended up sad that he lost 44,000 files but grateful that he got 6,000 of them back, and all for only $2,000. So the moral of the story here is just do backup right from the beginning and you will sleep better.

DNS mindshare

I have been thinking about how much people are thinking about DNS and I came across the Google Zeitgeist project (http://www.google.com/intl/en/press/zeitgeist/index.html). Basically this is an interface to understand what people are using the Google search engine for. Specifically, I was poking around Insights for Search and queried a few terms related to DNS. The information is fascinating. The most interesting part I noticed is the number of searches and the countries they are coming from. Again, I find this stuff fascinating. We beat the drum each day for DNS and most people never give it a thought, much as it should be, but if you are reading this you probably have a bit more interest. DNS searches have actually decreased over the past few years. Maybe people are more educated? Less concerned? However, DNS attacks are on the rise that is certain.

In our last TechTalk event we had a great number of participants and fielded a lot of questions. There was some good discussion about DNSSEC implementation. Based on what we discussed – you should plan to have your DNSSEC implementations done by the end of 2011, at the latest. Also there were lots of questions about reverse DNS. Reverse DNS is just like DNS but specifically for the IP addresses, for example when you want to know what an IP address points to you would do a reverse DNS query.

The questions were focused on how admins setup a reverse DNS. Reverse DNS is typically maintained by the organization who “owns” the IP address(s) or block. In their DNS server they create records for each of their IP address that point to hostnames. Many times those host names will be generic, which is fine. For certain things, especially email, having the hostname come back as generic can create a problem. For example, when you email server attempts to send a message to another server (the receiving server), nine times out of ten, the receiving server will do a reverse DNS lookup on the IP address of the sending server, if the hostname returned is not related to your email zone or if there is no reverse DNS record the receiving server may reject the message. Some email servers can get particularly persnickety about this.

So make sure your reverse DNS ducks are in a row. One of the easiest ways to verify all of your DNS settings is to run a DNSreport at DNSstuff.com. You first need to get a free 21-day trial account to have access to all tools.

Secunia PSI 1.5 is out…

Download it now: http://secunia.com/vulnerability_scanning/personal/ Secuina PSI is a great Windows application to give you visibility into what security threats are sitting on your computer. There are so many pieces and parts of software that can be easily compromised… how do you keep up with all the updates? Use Secuina PSI. It is free for personal use and I don’t compute without it. Not only does it show you what has an issue but gives direct links on how to fix it. Cool.

Dusty Name System

Every IT person has some interaction with a DNS server, even if it is not managing it. Most DNS servers, certainly the majority are sitting in some closet or rack somewhere dutifully running and collecting dust. Like a certain battery operated bunny, these services just keep on running. The durability of DNS (Domain Name System, that is) is a testimony of just how well it was designed. DNS serves every single user of the Internet consistently, day-in and day-out. What DNS does and how well it does it is nothing short of an engineering miracle simple, elegant, scalable – truly amazing. How often do you think about your DNS server? Here is my plan for how to keep your relationship with your DNS server alive and well.

  1. Check your system logs to make sure there are no impending hardware failures on the horizon. For example, be sure you have SMART enabled to check your systems hard disks and make sure that you can receive the SMART alerts should they occur. You should also review your logs for any other errors such unexpected reboots that you may have missed.
  2. Monitoring, you should really think about monitoring your DNS server. Is it up? Is it responsive? Is it giving the right answers? Can those who need to access it connect?
  3. Don’t confuse things. Don’t run a recursive name server that is also the start of authority for a DNS zone. You really, and I mean really, need to separate these functions to different servers. If you don’t you are opening your zone to a very high level of risk.
  4. Check your DNS server version. Make sure you are running the latest version of you DNS server software. This is imperative.
  5. OS updates are critical as well. Make sure you keep your system up-to-date!
  6. Run only DNS on your DNS server. You can run other software but you then have to be concerned that periodic (required) updates to your DNS software could impact other parts of that server. So the less you are running on that server the less risk. Just an idea.
  7. Never have only one DNS server. You absolutely need two resolver servers and two SOA servers, at a minimum.
  8. Try to have your SOA DNS servers on different networks with different paths to the Internet. If you do this and one of your networks goes down people will still be able to resolve your zone.
  9. Backups. Right now – go and do a dry run to restore your DNS server. If you are thinking, “Boy, how do I do that?” You should panic. You don’t want to ask that question when it really fails. Get your ducks in a row right now.
  10. Replace older hardware. The nature of hardware is that it fails. Proactively plan for replacement of your DNS server.

So please take a few minutes and at least think through each of these issues. DNS will always be an attack target. DNSstuff can help with robust tools and proactive alerts that verify configuration and assist with troubleshooting and resolution. Having DNSstuff’s web application at your fingertips is a must for IT professionals.

Blogging from somewhere over the USA

I am on a Virgin America flight – right now – typing this blog entry via onboard wifi. Very cool. I am using GoToMyPC to access my office PC. My IP address is: Your IP: 12.130.118.3 Near: Itasca, Illinois United States (this info is courtousey of DNSstuff.com). I am not able to use anything but pure HTTP and HTTPS. I tried to make an RDP connection but no go. Attempting to make an SSH connection into servers also failed. But I can most everything I need to do via what I have here. There is a standard power outlet at my seat, in coach, so I have all the power I need! Very cool.

© 2025 Paul Parisi

Theme by Anders NorénUp ↑