Ransomware protection on networks Solved

Page 1 of 2 12 LastLast
  1.    10 Oct 2018 #1

    Ransomware protection on networks


    I don't have a specific problem as much as a concern.

    There has been a lot of media attention to Ransomware lately, including infecting all systems on a network.

    We have several computers connected to a home network. All of the main systems run W10 (except for a couple of VMís). All of the systems run Windows Defender, and most of the time with WD folder protection turned on. We also try to be internet careful, but there is always a possibility that one of the systems could get infected.

    I am now running my main systems with Network Discovery turned off. This isnít a problem because I can still access the other systems via I.P addresses.

    I guess my question is: Do you think itís possible for malware to jump to other systems on the network with discovery turned off, or am I being overly paranoid?
      My ComputersSystem Spec

  2.    10 Oct 2018 #2

    Its simple enough it scan everyhing in the local subnet and scan the registery for referances to other ips try a free network scan

    Advanced IP Scanner - Download Free Network Scanner.
      My ComputerSystem Spec

  3.    10 Oct 2018 #3

    @Samuria Thanks for the input. There isn't any real protection then, except being very careful.
      My ComputersSystem Spec

  4.    10 Oct 2018 #4

    The main protection is permissions thatswhy MS set a lot of folders owned by system so nothing can write to the o/s folders if you share folders and give everyone rights the malware has rights as well.

    One of the best security products is WinPatrol Security made easy! they do a anti ransomeware but there winpatrol is great its saved me many times and stopped things AV didnt catch. It monitors the registery and block any writes to it until you give perimmision most malware trys to write to it to run at start etc but winpatroll stops it
      My ComputerSystem Spec

  5.    10 Oct 2018 #5

    Samuria said: View Post
    It monitors the registery and block any writes to it until you give perimmision
    Thanks again. Sounds good.

    W. D. Folder protection stops everything from being saved to a protected folder, but doesn't give the user an option to say yes or no. The message flashes by so fast, I usually don't know what was actually blocked. WinPatrol sounds easier to work with.
      My ComputersSystem Spec

  6.    10 Oct 2018 #6

    Samuria said: View Post
    The main protection is permissions thatswhy MS set a lot of folders owned by system so nothing can write to the o/s folders if you share folders and give everyone rights the malware has rights as well.
    Giving "Everyone" permission is a bad idea. When I share it's always to a specific username.
      My ComputersSystem Spec

  7. Caledon Ken's Avatar
    Posts : 11,657
    Windows 10 Pro x64 Build 1803
       11 Oct 2018 #7

    Controlled access in WD is developing and will see further enhancements is 1809.

    Last couple of pages of this thread. That said plenty of info in thread.

    Add Protected Folders to Controlled Folder Access in Windows 10

    Never tried Winpatrol. If it depends on user input and you have a group of people on network with different levels of awareness I would be looking at secondary defense as well.

    I use Macrium Reflect, purchased version, that has Image Guard. This way at least my backups are protected from intrusion. Especially important as some people keep their backup devices online.

    I must investigate Winpatrol.
      My ComputerSystem Spec

  8.    11 Oct 2018 #8

    Garyw said: View Post
    I guess my question is: Do you think itís possible for malware to jump to other systems on the network with discovery turned off, or am I being overly paranoid?
    @Samuria
    Its simple enough it scan everyhing in the local subnet and scan the registery for referances to other ips try a free network scan
    Seems to answer my question.

    @Caledon Ken
    Controlled access in WD is developing and will see further enhancements is 1809.

    Last couple of pages of this thread. That said plenty of info in thread.

    Add Protected Folders to Controlled Folder Access in Windows 10
    With the possibility that CFA will actually become useful, I will mark this thread solved, and work with the above info. Thanks for the input.
      My ComputersSystem Spec

  9. jimbo45's Avatar
    Posts : 6,158
    Windows / Linux : Centos, Ubuntu, OpenSuse
       12 Oct 2018 #9

    Hi there

    @Garyw

    Hope you weren't too much in trouble with recent storm in Florida.

    Ransomware these days isn't really the problem its made out to be

    Here's a simple relatively NON GEEKY solution to deal with it -- doesn't cost anything either.

    1) Download some Free backup software -- Macrium Free is liked by loads on this forum and its easy to use.

    2) create on USB the bootable rescue media -- easily done from the menu of the backup program

    3) Take an Image backup of your system on to an external HDD. (Take these regularly).

    Now if you get ransomware do the following.

    1) Power off computer immediately --- don't shutdown via windows -- hard power off via switch

    2) if on a LAN disconnect the lan cable

    3) power computer back on and boot from the bootable recovery USB you made in step 2) in the first part of the post.

    4) restore the os / system.

    Job done -- quick, easy no hours with virus cleansing software etc etc.

    Golden rule with these things is NEVER PANIC - just go about the thing logically -- do not randomly type keys or whatever in an attempt to shut the program down -- just switch off entire machine immediately !!!

    For me I've found WD more than adequate -- never needed anything else -- but that's another issue. The main thing is whatever you use is to take regular clean backups so in the event of any problems simply restore.

    System restores can be done usually very much quicker -- especially if the backup is on an SSD even an SSD attached to computer via USB3-->sata connector than any amount of "Virus cleansing" and will be 100% reliable --you can never be 100% sure than any A/V cleansing process has actually totally fixed the machine.

    Cheers
    jimbo
      My ComputerSystem Spec

  10. Barman58's Avatar
    Posts : 2,843
    Windows 10 Pro x64 1809 - 17763.134 XP/Vista/Win7/Win8.1 in VM for testing
       12 Oct 2018 #10

    Recently there has been an important change in network protection, Netgear have got together with Bitdefender to add BD Anti Malware to some Netgear routers, this follows the way that a lot of Pro networks have been set-up for many years.

    It's usually the case that most Malware will enter the LAN through the network so it make a lot of sense to control it at the same point, (In pro systems this was all done at the Server).

    I am currently trialling the system for a few months before I "pull the Trigger" but it does appear to be a usable system You have the option to install BD protection to any or all of the individual devices, (PC,Laptop, Mac, Ios, Android are supported), which is a great idea for mobile devices, or you can run scans and set protection centrally from the Router.

    This is not something for everyone, especially as there are many good free options, as I deal with other people's data at times, I use a commercial package for most things, but the price of this package, (if you have the correct router, which is a limited range at present), is around the £60 per annum for a home network with unlimited devices, (Fair use around 20 Devices).

    If this trial system works I can see other manufacturers Routers being given suitable firmware and software, to include the AM protection from others so it's something to maybe keep an eye on for possible for future use
      My ComputerSystem Spec


 
Page 1 of 2 12 LastLast

Related Threads
Solved Win 10 Ransomware protection blocks iTunes in AntiVirus, Firewalls and System Security
edit: I think I figured it out. Added iTunes application as an allowed app. Not sure if it defeats the purpose of the Ransomware protection though. Enabled ransomware protection and now iTunes won't open. If I turn it off iTunes opens fine. ...
This is brand spanking new software and cautious that I am I will probably wait until the next version comes out before installing but I am curious if anyone else has come across this yet and decided to give it a go and install it. ...
Sadly, protection from ransomware is not totally possible in AntiVirus, Firewalls and System Security
I was trying to see what might be a good way to protect oneself from ransomware. The reason that I started thinking about this is that my external backup disks are continuously connected to my PC. This would mean that a ransomware attack could...
Ransomware Protection? in AntiVirus, Firewalls and System Security
Been visiting a website that discusses ransomware and all of the nasty things that can happen, starting to make me paranoid. Data files are backed up and stored offline, but still...So, I am looking for a quality anti-ransomware software package. As...
I like backing up to local drives--I back up to the cloud also, but I like knowing I can get my data back quickly, even if the internet is down, as long as it's a simple problem like a main hard drive failure. But in order to do automatic local...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 08:32.
Find Us