0

Wannacry - A dangerous ransomware


Download & Secure  

 #Download LINK

A dangerous ransomware called Wannacry has been spreading widely all over the world including India. This ransomware encrypts your files in the computer and locks the device forcing the user to pay 300$ to 600$. The malware spreads through malicious emails and a security vulnerability in SMB ( Server Message Block ) implementation in Windows Machines prior to Window 10 that are not patched for #MS17-010. #Download LINK

To safeguard yourself from this, you are advised to do the following:-

- Immediately apply the patch for MS17-010 in your windows machine

- Block ports 139, 445 and 3389 in firewall

- Avoid clicking unwanted links and opening pdf/doc sent by unknown senders

- Make sure your software is up-to-date

- Have a pop-up blocker running on your web browser

- Regularly backup your files

- Install a good antivirus and a good anti-ransomware product for better security

- Remove Windows NT4, Windows 2000 and Windows XP-2003 from production environments.


Prevent WannaCry: Make sure closed 445/137/138/139 port on Windows

sharvin shaji

 Modify the registry 

Add a registry key, specific steps:
  • Click “Start”, “Run”, type “regedit” to open the registry.
  • Locate the registry key “HKEY_LOCAL_MACHINE\System\Controlset\Services\NetBT\Parameters”
  • Select “Parameters” New Right “DWORD Value.”
  • Rename the DWORD value as “SMBDeviceEnabled”
  • Right-click “SMBDeviceEnabled” select “Edit” in the “numerical data”, “0”
Key details are as follows:
Hive: HKEY_LOCAL_MACHINE
Key: System\CurrentControlSet\Services\NetBT\Parameters
Name: SMBDeviceEnabled
Type: REG_DWORD
Value: 0

After completion modify the registry to restart the computer, and then CMD run “netstat -an | findstr 445” view port 445 is closed.

Configure the firewall

This method is not shut itself down port 445, but in order to block access to the external port 445 connected to the machine.
Firewall Advanced Settings – Inbound rules – Right-click New Rule – Select UDP, the port number in the dialog box to write 445.

Shut down the server service

Administrator, open cmd, run
net stop server

You need to restart your computer.

Disable SMBv1


Unknown

http://hackstechlife.blogspot.com/

Feel free to share this post with your friends.Sharing Is Caring

No comments:

Post a Comment