You heard perhaps last day’s about the major problems of Attacks to Systems with the „WannaCry“ Crypto Ware
Howto protect yourself?
- Enable the Firewall on Windows Systems!! Always!
- Update daily the Virus Scanners and Windows Patches!
- Disable and CLOSE Ports you never need! SMB Protocol is a open unencrypted Transfer Protocol!
- Use a second Router with Firewall behind your ISP Router or Modem! (openwrt, pfsense)
- Check with nmap Portscanner Tool the taken Rules and check if the work!
- For Network Access use ALWAYS SFTP with Authentification over KEYs Logins (Two Factor: Key and Password for unlock the Keyfiles id_rsa)
- For fresh installed Systems do a Full Backup of the Disk.
- To Save your work files use USB Drives or USB Sticks which can be unplugged, if you don’t need them.
- Backup weekly the Windows Disk to a external USB Disk 1TB sold for less than 50$
- ..last but not least use a Live CD of Linux like ubuntu to access the Internet..
Update:
- The Linux Windows Share Service called Samba is also under attack CVE-2017-7494
- to fix enter smb.conf with a Editor:
nt pipe support = no
- restart the Service with:
$service samba stop && service samba start
- Don’t use reload, to be secure that the config is really reloaded!! A „systemd“ Problem!
- Check the Samba Share for write and read access!