Ransomware protection on networks

Page 1 of 2 12 LastLast

  1. Posts : 177
    Windows 10, usually latest version
       #1

    Ransomware protection on networks


    I don't have a specific problem as much as a concern.

    There has been a lot of media attention to Ransomware lately, including infecting all systems on a network.

    We have several computers connected to a home network. All of the main systems run W10 (except for a couple of VM’s). All of the systems run Windows Defender, and most of the time with WD folder protection turned on. We also try to be internet careful, but there is always a possibility that one of the systems could get infected.

    I am now running my main systems with Network Discovery turned off. This isn’t a problem because I can still access the other systems via I.P addresses.

    I guess my question is: Do you think it’s possible for malware to jump to other systems on the network with discovery turned off, or am I being overly paranoid?
      My Computers

  2. Samuria's Avatar
    Posts : 6,036
    windows 10
       #2

    Its simple enough it scan everyhing in the local subnet and scan the registery for referances to other ips try a free network scan

    Advanced IP Scanner - Download Free Network Scanner.
      My Computer


  3. Posts : 177
    Windows 10, usually latest version
    Thread Starter
       #3

    @Samuria Thanks for the input. There isn't any real protection then, except being very careful.
      My Computers

  4. Samuria's Avatar
    Posts : 6,036
    windows 10
       #4

    The main protection is permissions thatswhy MS set a lot of folders owned by system so nothing can write to the o/s folders if you share folders and give everyone rights the malware has rights as well.

    One of the best security products is WinPatrol Security made easy! they do a anti ransomeware but there winpatrol is great its saved me many times and stopped things AV didnt catch. It monitors the registery and block any writes to it until you give perimmision most malware trys to write to it to run at start etc but winpatroll stops it
      My Computer


  5. Posts : 177
    Windows 10, usually latest version
    Thread Starter
       #5

    Samuria said:
    It monitors the registery and block any writes to it until you give perimmision
    Thanks again. Sounds good.

    W. D. Folder protection stops everything from being saved to a protected folder, but doesn't give the user an option to say yes or no. The message flashes by so fast, I usually don't know what was actually blocked. WinPatrol sounds easier to work with.
      My Computers


  6. Posts : 177
    Windows 10, usually latest version
    Thread Starter
       #6

    Samuria said:
    The main protection is permissions thatswhy MS set a lot of folders owned by system so nothing can write to the o/s folders if you share folders and give everyone rights the malware has rights as well.
    Giving "Everyone" permission is a bad idea. When I share it's always to a specific username.
      My Computers

  7. Caledon Ken's Avatar
    Posts : 24,170
    Windows 10 Pro x64 Version 2004
       #7

    Controlled access in WD is developing and will see further enhancements is 1809.

    Last couple of pages of this thread. That said plenty of info in thread.

    Add Protected Folders to Controlled Folder Access in Windows 10

    Never tried Winpatrol. If it depends on user input and you have a group of people on network with different levels of awareness I would be looking at secondary defense as well.

    I use Macrium Reflect, purchased version, that has Image Guard. This way at least my backups are protected from intrusion. Especially important as some people keep their backup devices online.

    I must investigate Winpatrol.
      My Computer


  8. Posts : 177
    Windows 10, usually latest version
    Thread Starter
       #8

    Garyw said:
    I guess my question is: Do you think it’s possible for malware to jump to other systems on the network with discovery turned off, or am I being overly paranoid?
    @Samuria
    Its simple enough it scan everyhing in the local subnet and scan the registery for referances to other ips try a free network scan
    Seems to answer my question.

    @Caledon Ken
    Controlled access in WD is developing and will see further enhancements is 1809.

    Last couple of pages of this thread. That said plenty of info in thread.

    Add Protected Folders to Controlled Folder Access in Windows 10
    With the possibility that CFA will actually become useful, I will mark this thread solved, and work with the above info. Thanks for the input.
      My Computers

  9. jimbo45's Avatar
    Posts : 10,470
    Windows / Linux : Arch Linux
       #9

    Hi there

    @Garyw

    Hope you weren't too much in trouble with recent storm in Florida.

    Ransomware these days isn't really the problem its made out to be

    Here's a simple relatively NON GEEKY solution to deal with it -- doesn't cost anything either.

    1) Download some Free backup software -- Macrium Free is liked by loads on this forum and its easy to use.

    2) create on USB the bootable rescue media -- easily done from the menu of the backup program

    3) Take an Image backup of your system on to an external HDD. (Take these regularly).

    Now if you get ransomware do the following.

    1) Power off computer immediately --- don't shutdown via windows -- hard power off via switch

    2) if on a LAN disconnect the lan cable

    3) power computer back on and boot from the bootable recovery USB you made in step 2) in the first part of the post.

    4) restore the os / system.

    Job done -- quick, easy no hours with virus cleansing software etc etc.

    Golden rule with these things is NEVER PANIC - just go about the thing logically -- do not randomly type keys or whatever in an attempt to shut the program down -- just switch off entire machine immediately !!!

    For me I've found WD more than adequate -- never needed anything else -- but that's another issue. The main thing is whatever you use is to take regular clean backups so in the event of any problems simply restore.

    System restores can be done usually very much quicker -- especially if the backup is on an SSD even an SSD attached to computer via USB3-->sata connector than any amount of "Virus cleansing" and will be 100% reliable --you can never be 100% sure than any A/V cleansing process has actually totally fixed the machine.

    Cheers
    jimbo
      My Computer

  10. Barman58's Avatar
    Posts : 3,927
    Windows 10 Pro x64 2004 - 19041 - 264 XP/Vista/Win7/Win8.1 in VM for testing
       #10

    Recently there has been an important change in network protection, Netgear have got together with Bitdefender to add BD Anti Malware to some Netgear routers, this follows the way that a lot of Pro networks have been set-up for many years.

    It's usually the case that most Malware will enter the LAN through the network so it make a lot of sense to control it at the same point, (In pro systems this was all done at the Server).

    I am currently trialling the system for a few months before I "pull the Trigger" but it does appear to be a usable system You have the option to install BD protection to any or all of the individual devices, (PC,Laptop, Mac, Ios, Android are supported), which is a great idea for mobile devices, or you can run scans and set protection centrally from the Router.

    This is not something for everyone, especially as there are many good free options, as I deal with other people's data at times, I use a commercial package for most things, but the price of this package, (if you have the correct router, which is a limited range at present), is around the Ł60 per annum for a home network with unlimited devices, (Fair use around 20 Devices).

    If this trial system works I can see other manufacturers Routers being given suitable firmware and software, to include the AM protection from others so it's something to maybe keep an eye on for possible for future use
      My Computers


 
Page 1 of 2 12 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 06:51.
Find Us




Windows 10 Forums