My Syncthing setup is that I have two 4tb disks - one for live sync with other (Windows only) machines on the network, including my main laptop. That always stays plugged in (i.e., it stays accessible on the local network).
And a ‘long term’ one that only gets plugged in once a week and gets mirrored to the current state of the live one with FreeFileSync.
These are external USB 3.0 disks running on an old Windows laptop at the quiet end of my local network.
If you look at the Properties of the ‘live’ disk, and then at the ‘Security’ tab for the disk, the Group or user names that are permitted to access it are:
- Everyone
- CREATOR OWNER
- SYSTEM
Whereas my long-term 4tb disk has these permissions for access:
- Authenticated Users
- SYSTEM
- Administrators ([NAMEOFUSER]\Administrators)
- Users ([NAMEOFUSER]\Administrators)
The ‘Everyone’ permission in the live disk alarms me because I once got ransomwared accidentally leaving MS’s default ‘Everyone’ setting untouched in a new local network share of a disk.
I know that this is not the same, and removing ‘Everyone’ can have some destructive ramifications.
Could anyone advise me on better settings for these disks? The disks are the exact same model, a Western Digital My Passport 4TB, both bought in the last few weeks.