Koozali.org: home of the SME Server

Contribs.org Forums => General Discussion => Topic started by: esperinas on February 03, 2016, 10:18:06 AM

Title: About ransomware
Post by: esperinas on February 03, 2016, 10:18:06 AM: Hi all,

My lan : SME9 & all Windows7 client.

There is no local disk data. All data is shared on SME-server. My question: a ransomware malware can it encrypt data on a ibay?

Regards, G.
Title: Re: About ransomware
Post by: Stefano on February 03, 2016, 11:13:21 AM: yes, as long as your clients are connected to it

some hints:
- be sure to use an uptodate AV on clients
- use https://wiki.contribs.org/Clamav_unofficial_sigs
- be sure you have a good backup
Title: Re: About ransomware
Post by: esperinas on February 03, 2016, 11:26:37 AM: Ok, Thank ..
Title: Re: About ransomware
Post by: DanB35 on February 03, 2016, 06:19:08 PM: Quote from: Stefano on February 03, 2016, 11:13:21 AM
- be sure you have a good backup
This, really, is the critical piece, for many reasons other than just ransomware. Ideally, it should even be backed up offsite. Stuff happens, and you really can't have too many backup copies of your data.
Title: Re: About ransomware
Post by: janet on February 03, 2016, 09:28:42 PM: esperinas

Quote
All data is shared on SME-server. My question: a ransomware malware can it encrypt data on a ibay?

...and another good way to stop incoming viruses etc, is to use executable content blocking on the server, so email attachments that contain nasty code cannot get into your system via emails.
The cost penalty is that users cannot send/receive certain types of attachments, but you can create an upload/download facility on the server using numerous software tools.
Ideally block all zip (v1, v2 & others) because that wil really stop a huge amount of viruses & spam that can still get through otherwise.
....and of course use RBL lists (enable them on sme server).
Read the FAQ & Email Howto for details.
Title: Re: About ransomware
Post by: ReetP on February 05, 2016, 02:37:53 AM: Quote from: Stefano on February 03, 2016, 11:13:21 AM
yes, as long as your clients are connected to it

some hints:
- be sure to use an uptodate AV on clients
- use https://wiki.contribs.org/Clamav_unofficial_sigs
- be sure you have a good backup

You forgot....

Don't use Windows on your desktop.... ;-)
Title: Re: About ransomware
Post by: brianr on February 05, 2016, 08:32:49 AM: Quote from: ReetP on February 05, 2016, 02:37:53 AM
You forgot....

Don't use Windows on your desktop.... ;-)

I so agree on this! :-P
Title: Re: About ransomware
Post by: ReetP on February 05, 2016, 10:34:42 AM: Quote from: brianr on February 05, 2016, 08:32:49 AM
I so agree on this! :-P

Hehehe.

It's not perfect and should be used in conjunction with Stefanos other excellent advice, but helps a lot in my experience.....
Title: Re: About ransomware
Post by: janet on February 05, 2016, 02:52:14 PM: ReetP

Quote
Don't use Windows on your desktop.... ;-)

Easily said, but for many of us this is not so practical to do in the real world.
There are many commercial mission critical software that requires Windows to run, & there are simply no open source alternatives eg statutory compliance software required by government departments etc etc etc.
Title: Re: About ransomware
Post by: brianr on February 05, 2016, 03:37:26 PM: Quote from: janet on February 05, 2016, 02:52:14 PM
ReetP

Easily said, but for many of us this is not so practical to do in the real world.
There are many commercial mission critical software that requires Windows to run, & there are simply no open source alternatives eg statutory compliance software required by government departments etc etc etc.

True (ish) but never ignore an opportunity to make the point... 8-)