... And Ransom ware... Rrrrrrr


chef

Guest asrequested

Yes wail2ban. I was just looking at the GitHub yesterday. I'll set this up for certain.

If you get a USG, IPS does a good job of blocking IPs. But you'll need to get the Pro or better, so it doesn't completely crush your bandwidth. I've also got pfSense in front of my USG. So I'm going to configure that, too.


I think part of the issue is that Windows has the ability to seamlessly encrypt the whole drive, so such operations are not considered suspicious; it's simply a user option to do so.


I think part of the issue is that Windows has the ability to seamlessly encrypt the whole drive, so such operations are not considered suspicious; it's simply a user option to do so.

That's a good point, and unfortunately it is a security risk. There was quite a bit of data that was encrypted. It's too bad that nothing I had installed could have caught that much encryption happening all at once. Especially when system files were changed. That stopped me from accessing Windows. I guess it's true no account with forward facing applications should have admin privileges. If that is even a possibility.

 

Live and learn...


I will also say, I agree with you it should be considered suspicious when anything wants to encrypt every drive on a system all at once. When you have AV that says it protects against ransomware, it's amazing such operations are not considered suspicious. Very sorry this hit you.

 


What is odd is that they advertise it protects against ransomware. In court that may be part of a class action lawsuit possibility. You should reach out to other users who experienced the same thing and see if you can punish them for having that "protects against ransomware" line in their literature and get it removed and get your class some compensation. I am sure if you craft up litigation to start it and invite others into the class your share of the take is larger than others. You might want to pursue such an option.

 

https://www.wikihow.com/Organize-a-Class-Action-Lawsuit

Edited by speechles

What is odd is that they advertise it protects against ransomware. In court that may be part of a class action lawsuit possibility. You should reach out to other users who experienced the same thing and see if you can punish them for having that "protects against ransomware" line in their literature and get it removed and get your class some compensation. I am sure if you craft up litigation to start it and invite others into the class your share of the take is larger than others. You might want to pursue such an option.

 

https://www.wikihow.com/Organize-a-Class-Action-Lawsuit

There was a "shield" in the UI called "Ransomware Shield".


Spaceboy

What is odd is that they advertise it protects against ransomware. In court that may be part of a class action lawsuit possibility. You should reach out to other users who experienced the same thing and see if you can punish them for having that "protects against ransomware" line in their literature and get it removed and get your class some compensation. I am sure if you craft up litigation to start it and invite others into the class your share of the take is larger than others. You might want to pursue such an option.

 

https://www.wikihow.com/Organize-a-Class-Action-Lawsuit

Surely no firm of this kind provides a guarantee? I’m sure deep down in the small print they will excuse themselves. Also, the word "protects" implies an aim, not certainty.

Four days later, and I have been able to re-rip twelve movies! Fortunately movies that I had ripped and sold many years ago are gone forever, and I'm not about to torrent my library back into existence. I just don't like the idea of torrenting. I don't condemn it, I just don't do it... Kind of like Cannabis... LOL.

It's legal now where I am from, but I just don't like the panicked feeling I get. LOL!!

Edited by chef

It's possible the library might have or be able to get the old movies. I have been very happy to find some very old movies I liked in the library. Like the TV series from BBC, Hitchhiker's Guide to the Galaxy: pretty hard to find, but I was able to get it sent right to my local library.

 


Chyron

Four days later, and I have been able to re-rip twelve movies! Fortunately movies that I had ripped and sold many years ago are gone forever, and I'm not about to torrent my library back into existence.

 

This is why I use Backblaze to back up my files.


I just don't like the idea of torrenting. I don't condemn it, I just don't do it... Kind of like Cannabis... LOL.

It's legal now where I am from, but I just don't like the panicked feeling I get. LOL!!

I am on two private trackers that cover the vast majority of TV and movie content. Been at the movie tracker for over 13 years with 24TB in activity and with the TV tracker been a member for over 5 years with just short of 24TB of total content. The advantage of the private torrent trackers is that they have the best of video and audio available and then combined into one release. Some of their internal releases repair studio and network errors by correcting them using different global sources. Also I am a member of a dedicated private tracker where links to rare / hard to find movies are posted like Out Of Print or never publicly released content. This past Black Friday there were fantastic Usenet deals available which help with the rebuilding of a lost library. Finally I am on a Usenet forum where members have helped each other to rebuild lost libraries due to HD failures.

 

Don't be disparaged you will get the vast majority of your library back and the remaining missing parts you will eventually forget about or eventually replace them with better versions. Been my experience with my failed HDs the more time passes the less valuable the lost content becomes.

 

The Avast forum where you posted is having a very lively discussion with the usual advice about backups and no 100% protection. One post was interesting: that an AV company will pay you $500 for a ransomware attack when their software was not able to avert it.


Latchmor

Just adding my vote for Sophos Home Premium. I've used it for free since Jan this year as I was a beta tester. They've a 30% off deal right now ($50>$35 or £40>£28) so I've just gone and paid for it this time.  :)


Reading Chef's post in the Avast forum and the replies from one of the fanboys or hired damage control posters, it looks more and more like next August my dealings with Avast will come to an end.


Jdiesel

I'm surprised how many people are using third party virus software, both free and paid. I have used Microsoft Security Essentials and now Windows Defender exclusively since Windows 7 was released and have never had any issues with viruses. I occasionally manually run MalwareBytes but that is it. I've always found AV software to be an annoyance and to not provide any real benefit in my use case.  


Guest asrequested

A few things I like about Sophos. It has a web configurator. So you can run scans from outside your network. It runs alongside Windows' own security. I do all kinds of monkey business on one of my machines, and it's caught quite a few things (not ransomware). It also encrypts your web browser when you're using it. It runs quietly in the background. You almost don't know it's there.


Spaceboy

I'm surprised how many people are using third party virus software, both free and paid. I have used Microsoft Security Essentials and now Windows Defender exclusively since Windows 7 was released and have never had any issues with viruses. I occasionally manually run MalwareBytes but that is it. I've always found AV software to be an annoyance and to not provide any real benefit in my use case.

Same here, the only impression I get from reading about people’s interaction with AV software here is that it either stops you doing what you want or it doesn’t work.

However, I am going to try drivebender’s new pool firewall feature, which is supposed to protect against ransomware by stopping unauthorised programs writing to your drive pool.


A few things I like about Sophos. It has a web configurator. So you can run scans from outside your network. It runs alongside Windows' own security. I do all kinds of monkey business on one of my machines, and it's caught quite a few things (not ransomware). It also encrypts your web browser when you're using it. It runs quietly in the background. You almost don't know it's there.

Yes, I also like this about Sophos. So far it's been really fantastic. I guess the true test will be this weekend when I finally enable my domain and proxy again for the first time.

 

I'm just trying to best understand wail2ban before I open any IPs and ports again. I've also asked a fellow Emby member who has a pretty good ethical hacking skill to pentest the domain.

 

Fingers crossed.

Edited by chef

I'm surprised how many people are using third party virus software, both free and paid. I have used Microsoft Security Essentials and now Windows Defender exclusively since Windows 7 was released and have never had any issues with viruses. I occasionally manually run MalwareBytes but that is it. I've always found AV software to be an annoyance and to not provide any real benefit in my use case.

Same here, the only impression I get from reading about people’s interaction with AV software here is that it either stops you doing what you want or it doesn’t work.

However, I am going to try drivebender’s new pool firewall feature, which is supposed to protect against ransomware by stopping unauthorised programs writing to your drive pool.

Just be careful, because I thought I was in lockdown too, but there were unforeseen holes in my security, and I still can't quite figure out what exactly they were, only that it might have been a hack through an open port (443 or 80) since I don't open email or auto open any files on the server.

Edited by chef

Latchmor

Well I use Sophos because I get 10 licences and I give some to family and golf club. I monitor these remotely as it's me that gets the calls of help anyway and these users are more click happy than me!


That is terrible and I feel for you. As was commented on the Avast forum, "Avast failed in behavior-based detection specifically aimed at ransomware behaviors", which now makes me rethink my license situation. Avast is not cheap and I need a minimum of 4 licenses. I still can wrap my head around how they got a hold of your box. I only have Win 7 PCs, nothing server like, but I do have 2 Unraid servers with all my content on them; however, the only access to the Internet they have is updating the Unraid OS.

As in the forum this one jerk said, you always have the option to pay the ransom. Comes down to the question of time versus money. As I found out, Principles are very expensive if you're trying to stick by the Principle that this is rewarding crime.

Edited by One2Go