Reevaluate your backup strategy in the face of current ransomware trojans like Locky

Discussion in 'backup, imaging & disk mgmt' started by manolito, Feb 21, 2016.

Page 5 of 5
  1. bgoodman4

    bgoodman4 Registered Member

    Joined:
    Jan 13, 2009
    Posts:
    3,237
    You are 100% correct.
     
    bgoodman4, May 7, 2016
    #101
  2. bgoodman4

    bgoodman4 Registered Member

    Joined:
    Jan 13, 2009
    Posts:
    3,237
    Peter, I took a look at No Script and am not sure how it makes things safer. You have to allow scripts for pages you are visiting,,,,how do you know you are on the banks legit site and not a look alike?
     
    bgoodman4, May 10, 2016
    #102
  3. oliverjia

    oliverjia Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    1,926
    For that purpose, you need a different extension: WOT
     
    oliverjia, May 10, 2016
    #103
  4. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi Oliver

    Totally disagree. All WOT tells you is how a group of people rated a site. Useful yes, but not fool proof. Also most people would rate their bank site okay. But it useless to tell me if today there is a mis direct on that site.

    HI Barry

    Two things. First when I first installed No Script, I looked at the the scripts running and those preventing log in. I tried each one, one by one, until I figured out which one I needed. Secondly, No scripts alerts you when it encounters a redirect script. I've seen it on some dodgy sites, warning me something was trying to direct the browser to another site. This should also alert you if there is an attempt to mis direct you to a look alike bank site.

    Pete
     
    Peter2150, May 10, 2016
    #104
  5. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,887
    Location:
    Stockholm Sweden
    Isnt there a way to allow only the backup software to write in an folder or drive? If so, the ransomware cant encrypt the backup files and you can have the drive online all the time?
     
    sukarof, May 10, 2016
    #105
  6. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,644
    Location:
    Under a bushel ...
    This was indirectly discussed earlier ... Excubits Pumpernickel (scroll down a bit at this link) can do this but it is beta, and you may not be comfortable with it ...
     
    paulderdash, May 10, 2016
    #106
  7. bgoodman4

    bgoodman4 Registered Member

    Joined:
    Jan 13, 2009
    Posts:
    3,237
    Thanks Peter, much appreciated. Out of curiosity,,,,would anti logging software help prevent the loss of passwords etc in this sort of case or is it the case that since you are on a non-legit site the passwords etc are vulnerable?
     
    bgoodman4, May 10, 2016
    #107
  8. TheRollbackFrog

    TheRollbackFrog Imaging Specialist

    Joined:
    Mar 1, 2011
    Posts:
    4,954
    Location:
    The Pond - USA
    "Pumpernickle" works very well at this stage using a kernel mode Windows driver and the ability to either WHITELIST or BLACKLIST specific apps/locations as far as writing DATA is concerned. It's controlled through an INI file at the moment and has no GUI for driver activation or INI control. It will be headed that way as it nears its BETA end.

    The only "flaw" (my opinion) I chatted about with the Devs was that it only uses AppName and Location at the moment to legitimize a WHITELIST or BLACKLIST function... this information can easily be forged by a rogue app. I asked the Devs to seriously consider HASHing that information <MD5, SHA, whatever> so that a forgery would be extremely difficult to perform. They said they would seriously consider it.

    I'm currently running it on my system... at the moment replacing FolderGuard for the same function during my testing phase.
     
    TheRollbackFrog, May 10, 2016
    #108
  9. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    HI Barry

    An anti keylogger is on your system, and it stops keylogging on your system and sending anything to someplace, but does nothing to help if you have been mis directed to a phony site and enter your passwords. It is the site that is logging them. So you need something in the browser that keeps you from being sent to a phony site.

    No Script is a pain, but it does the job.

    Pete
     
    Peter2150, May 10, 2016
    #109
  10. bgoodman4

    bgoodman4 Registered Member

    Joined:
    Jan 13, 2009
    Posts:
    3,237
    Thank you for the explanation. You mentioned that No Script will tell you if you have been misdirected, I would think this is all you need to know rather than having to make note of the various scripts etc. Is it possible or not likely to be redirected even if you have your banks link in your favorites?
     
    bgoodman4, May 10, 2016
    #110
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I prefer to block all the unnecessary scripts running. Some of it is garbage. Since the link in favorites should be to just the login, I don't think it would hurt anything.
     
    Peter2150, May 10, 2016
    #111
  12. chrisretusn

    chrisretusn Registered Member

    Joined:
    Jun 16, 2004
    Posts:
    1,672
    Location:
    Philippines
    I agree with this. States my observation as well and I do the same.
     
    chrisretusn, May 10, 2016
    #112
  13. chrisretusn

    chrisretusn Registered Member

    Joined:
    Jun 16, 2004
    Posts:
    1,672
    Location:
    Philippines
    My back up strategy most remains the same. Automated nightly back ups.
     
    chrisretusn, May 10, 2016
    #113
  14. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,644
    Location:
    Under a bushel ...
    Thank you :)
     
    paulderdash, May 11, 2016
    #114
  15. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    982
    Location:
    UK
    chrcol, May 11, 2016
    #115
Page 5 of 5
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...