Windows 10: New global ransomware attack hits East Europe and spreading

Page 10 of 10 FirstFirst ... 8910

  1. Posts : 124
    Windows 10.0.15063 (Version 1703) Pro 64-bit
       02 Jul 2017 #91

    Steve C said: View Post
    Great post 89 by Hydrate! I disabled NetBios as suggested. I also see you can disable NetBIOS via the TCP settings fro the network adapter. which is the best approach?

    I use Kaspersky Total Security and tried disabling the ports in KTS. However, video streaming from BBC iPlayer stops as soon as I disable port 137. It seems disabling these ports is not a good idea for me. It would be useful to know what these ports are used for so people can decide whether to disable them.
    This is an awesome discussion! so lively and rich!

    When you block the settings at the adapter level, this is known as reducing your attack surface.



    I suggest using Windows Firewall for BBC iPlayer and add an outbound inbound exception (rules can be overridden) for it while still adding the rules so the program can work. I do not depend on 3rd party paid software to do my bidding normally, but you should add the rules to Kaspersky and WF (I love Kaspersky).

    According to: Port 137 (tcp/udp) :: SpeedGuide

    Which is accurate.


    137 tcp,udp NetBIOS NetBIOS Name Service (official) Wikipedia
    137 tcp trojan Chode, Nimda Trojans
    137 udp trojan Bugbear, Msinit, Opaserv, Qaz Trojans
    137 tcp,udp netbios-ns NETBIOS Name Service IANA
    137 tcp Chode [trojan] Chode Neophasis
    137 tcp Qaz [trojan] Qaz Neophasis
    137 udp Msinit [trojan] Msinit Neophasis
    137 udp threat Femot Bekkoame
    137 udp threat Msinit Bekkoame
    137 tcp threat Chode Bekkoame


    The NetBIOS Name Service is sent outbound from svchost.exe and is used by a numerous amount of malware, now including Petya.
    It translate human readable names to IP addresses for IPv4 and is can be used across multiple protocols, however it may be safely disabled if you do not explicit use NetBIOS.
      My ComputerSystem Spec


  2. Posts : 2,470
    Windows 10 Home x64 (Laptop), Windows 10 Pro x64 (Desktop)
       02 Jul 2017 #92

    Hydrate said: View Post
    I suggest using Windows Firewall for BBC iPlayer and add an outbound inbound exception (rules can be overridden) for it while still adding the rules so the program can work. I do not depend on 3rd party paid software to do my bidding normally, but you should add the rules to Kaspersky and WF (I love Kaspersky).
    I know how to block Ports in Kaspersky Total Security but I can't work out how to add an exception for sites like BBC iPlayer. Any ideas?
      My ComputersSystem Spec


  3. Posts : 124
    Windows 10.0.15063 (Version 1703) Pro 64-bit
       02 Jul 2017 #93

    Steve C said: View Post
    I know how to block Ports in Kaspersky Total Security but I can't work out how to add an exception for sites like BBC iPlayer. Any ideas?
    My idea would be to simply remove the firewall rules made in Kaspersky and stick to Windows Firewall, add the normal blocking rule and add a outbound inbound rule for the .exe of BBC iPlayer with overriding allowed.
      My ComputerSystem Spec


  4. Posts : 2,470
    Windows 10 Home x64 (Laptop), Windows 10 Pro x64 (Desktop)
       02 Jul 2017 #94

    Hydrate said: View Post
    My idea would be to simply remove the firewall rules made in Kaspersky and stick to Windows Firewall, add the normal blocking rule and add a outbound inbound rule for the .exe of BBC iPlayer with overriding allowed.
    It's OK now. I was putting the port number in the remote port box instead of the local port box!
      My ComputersSystem Spec


  5. Posts : 124
    Windows 10.0.15063 (Version 1703) Pro 64-bit
       02 Jul 2017 #95

    Steve C said: View Post
    It's OK now. I was putting the port number in the remote port box instead of the local port box!
    There are no oopsies in the corporate IT world. Only pink slips.

    Jk, that's fine. It's important to configure correctly as it just defeats the whole purpose sometimes, such as in this case! I'm happy you caught the error.
      My ComputerSystem Spec


 
Page 10 of 10 FirstFirst ... 8910

Related Threads
It seems possible that this prophetic British Medical Journal letter from May 10 edition (online May 11, the day before the WannaCry Exploit hit the world) may have focussed the current ransomware attack on UK NHS hospitals: 135086 The...
So tonight, on the American TV show Chicago Med, the show dealt with the issue of ransomware. In this episode, the hospitalís entire computer network was locked out by Ransomware thus crippling the entire hospital. For the record, Chicago Med...
PAX (originally known as Penny Arcade Expo) is a series of gaming festivals held in Seattle, Boston, Melbourne, and San Antonio. PAX was created by Jerry Holkins and Mike Krahulik, the authors of the Penny Arcade webcomic, because they wanted to...
Solved Virus spreading over Wi-Fi!? in AntiVirus, Firewalls and System Security
So, my Dad is going to purchase a new Windows Device for me (A bit late for XMas). My Dad also owns devices that have been infected be Viruses and other infections. If I connect to the Wi-Fi on my Windows Device, can Viruses and other infections...
New Ransomware attack in AntiVirus, Firewalls and System Security
Only 5 days out and Win10 being screwed with. This link was in an E-Mail today: New Windows 10 scam will encrypt your files for ransom | ZDNet
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 01:06.
Find Us