Real World Computing
All tooled up
Data recovery is about as simple as it is with more or less any other backup software, which is to say nowhere near as easy as you want it to be when you're asked to find a deleted file just before you were about to leave the office for the night, but it's nowhere near as painful as having to recreate that file from scratch. Its only downside is that there's no Amanda client for Windows: you can use SAMBA to share your Windows disks and back them up that way, but that route is far from foolproof, as SAMBA sometimes raises permissions issues, for example. For that reason, we tend to stick with Retrospect (a commercial package) to back up our Windows servers, but for any flavour of Unix you're dealing with Amanda works like a charm.
ClamAV
Clam AntiVirus sits on all of the servers that handle our email. It either disinfects mail or refuses to let through any virus- or worm-infected mails. In the time we've been using it (which is at least three years now), it hasn't yet failed to detect a virus-infected email, which is good enough for us. The software is usually run as an add-on or module to your main email server, where it scans and filters emails as they arrive or are sent out. However, it can be used as a standalone program to scan your hard disk (for example, there's a port of it to Mac OS X that provides a nice, cuddly graphical user interface to the whole thing, and a couple of Windows ports are around as well).
It's true that this program isn't going to take the place of something like Norton AntiVirus on your desktop Windows machines, because even though it's good at scanning email it can't stop your users downloading infected software via the web or bringing it in from home on flash drives or CD-ROMs. But at least it closes one major security hole and doesn't cost a penny. You can configure the software to download new, updated anti-virus definitions automatically, usually using cron running on a Unix box, and it can be set up to either quarantine or automatically delete infected files.
Installation can be tricky if you're unfamiliar with exactly how your email server works, but these days more and more pre-built binaries exist that include both the mail server and ClamAV (plus SpamAssassin and other useful bits and pieces too). So it's a good idea to check to see whether a pre-built binary exists for your system before you get your hands dirty by starting to compile the thing yourself.
Knoppix emergency CD
Actually, your emergency CD doesn't have to be based on Knoppix, as there are several other Linux distributions around now that come as "live CD" distributions - in other words, these distros can be booted from, and will run from, a CD without touching your computer's hard drive at all. But certainly an emergency CD of some sort needs to be in every administrator's toolkit, and Knoppix is one of the most popular.
Whether the machine you're trying to fix is a Linux box or a Windows PC, the Knoppix CD will boot the machine and, in most cases, will mount the hard disk, thus allowing you to copy the vital files that your user "forgot" to back up. In many cases, you can also use the Knoppix CD to actually repair the hard disk, as it comes with a range of disk-manipulation tools. These will work better if your Windows hard drive has been formatted as a FAT32 partition rather than NTFS, since support for the latter in read/write mode is still considered experimental in Linux, but in practice we've been able to recover data from corrupted NTFS disks without problems in the past. The Knoppix CD has support for networking, so once booted your computer should be able to connect to remote servers, both Windows-based and FTP, and files can be easily transferred.
