Ran a copy command... somehow (don't know if related or not) partition of drive I copied to became corrupted?

Tengis

Supreme [H]ardness
Joined
Jun 11, 2003
Messages
6,076
Doesnt make a whole lot of sense to me. I have no idea what I did. I may have been a victim of some type of cyber attack because my home server logs are all wiped out as well so I cant see if anything actually happened. I was running SnapRAID on my server and the content and parity files are all missing. I really dont know what to think... maybe somehow I entered the perfect storm of BS and my drive just happened to mess up which made the other issues obvious.

One minute my drive was working, the next it appeared to have no active partition. Drive is good with low hours, an 8tb WD drive with no SMART errors. I was thinking maybe I borked the directory when I typed out the command or something but, even then, I have no idea how a copy command could screw up a partition. So far I have been unable to recover the data (about 5tb worth) or restore the partition. Im running a deep scan on the drive right now trying to see if I can get the data copied to another blank 8tb drive.

Server is running OpenMediaVault and I generally access it through the web interface and/or with putty.

I dont really know what to even ask for help with because I dont even know what happened or why it happened.
 
Format everything and start from scratch, if your server logs stored on / were wiped out that means you got some malware.
 
Did you backup your drive from time to time?
Now find out if you have server logs stored in their place or not.
If they are stored where they should be then you would be lucky to just have corrupted data.
If there are no server logs then you have been attacked.
Now the question arises is, "Do you have the expertise to solve this problem or can find somebody who can solve it for you?"
If either is not possible then you will have to wipe the whole drive, plug the loophole, and begin again.
 
Did you backup your drive from time to time?
Now find out if you have server logs stored in their place or not.
If they are stored where they should be then you would be lucky to just have corrupted data.
If there are no server logs then you have been attacked.
Now the question arises is, "Do you have the expertise to solve this problem or can find somebody who can solve it for you?"
If either is not possible then you will have to wipe the whole drive, plug the loophole, and begin again.

I recovered the data (tons of movies, pictures, etc) but the recovery program gave everything cryptic file names. Im going to have to go through thousands of pictures one by one or just dump them all in a folder.

The movies/tv shows I have are recovered as well... gonna have to go through a couple thousand files and rename them -_-
 
I recovered the data (tons of movies, pictures, etc) but the recovery program gave everything cryptic file names. Im going to have to go through thousands of pictures one by one or just dump them all in a folder.

The movies/tv shows I have are recovered as well... gonna have to go through a couple thousand files and rename them -_-

Lucky because sometimes recovered media files (especially large files) are unreadable.
 
Lucky because sometimes recovered media files (especially large files) are unreadable.

At this point I have no idea what actually happened. The whole thing is pretty random and ridiculous.
 
Doesnt make a whole lot of sense to me. I have no idea what I did. I may have been a victim of some type of cyber attack because my home server logs are all wiped out as well so I cant see if anything actually happened. I was running SnapRAID on my server and the content and parity files are all missing. I really dont know what to think... maybe somehow I entered the perfect storm of BS and my drive just happened to mess up which made the other issues obvious.

One minute my drive was working, the next it appeared to have no active partition. Drive is good with low hours, an 8tb WD drive with no SMART errors. I was thinking maybe I borked the directory when I typed out the command or something but, even then, I have no idea how a copy command could screw up a partition. So far I have been unable to recover the data (about 5tb worth) or restore the partition. Im running a deep scan on the drive right now trying to see if I can get the data copied to another blank 8tb drive.

Server is running OpenMediaVault and I generally access it through the web interface and/or with putty.

I dont really know what to even ask for help with because I dont even know what happened or why it happened.
Do you remember the path you used in the copy command? If a device file (/dev/*) somehow got written to, then all kinds of stuff could go wrong. Normal users can't write to them, but if you escalated priviledges, all bets are off.

Also, depending on how you escalated priviledges, the working path can change. So if you did a relative path in the command, it may have been relative to root, or $(user)'s home dir.
 
Back
Top