It is currently Thu Mar 28, 2024 4:01 pm

All times are UTC - 7 hours [ DST ]

Recent News:



Post new topic Reply to topic  [ 5 posts ] 
Author Message
PostPosted: Sun Apr 22, 2018 10:10 pm 
Offline
Max Contributor
Max Contributor

Joined: Fri Jan 25, 2008 4:17 pm
Posts: 1140
Location: Roseville, California
Thanks: 10
Thanked: 24 times in 22 posts
So I was just hit recently with ransomware. I've lost access to everything. I used my server as my only backup because it had folder duplication. So I've lost access to all scanned documents, Movies, and pictures of my son growing up. This is unimaginable to me since I never install anything on my server unless I'm 100% certain of where it came from. While I haven't always been the best I've always been careful. The nightmare wasn't created by anything I did, it came from a BRUTE FORCE ATTACK against RDP. Looking at my logs I can see now numerous failed login attempts. They hit me until they got in. once in the chaos started and went unnoticed by me for a day or so once I noticed it seemed to happed rather fast or I just realized how much was encrypted at the that time. I Wanted to start this thread so everyone knows the dangers out there and so people can offer suggested things to protect themselves. Since we are headless and relies on RDP this is a real concern.

I wanted to begin the conversation.....


Top
 Profile  
Thanks  

Attention Guest: Remove this ad by Registering with the MediaSmartServer.net Forums. It's Free!
PostPosted: Thu Apr 26, 2018 3:40 pm 
Offline
Max Contributor
Max Contributor
User avatar

Joined: Sat Apr 12, 2008 12:49 pm
Posts: 2226
Location: Casper Wyoming
Thanks: 81
Thanked: 256 times in 251 posts
Great Topic and something that should be of concern to all of us using a eol os.
1--
I for one decided to turn off remote access years ago:
1) For safety reasons
2) It's speed was not great with only a 5 meg upload anyway.
3) I didn't really need anything I couldn't wait till I got home for anyway.

2--
I use a netgear Firewall/wireless Prosafe router. While not bullet proof by any means, it does help stop some of the old stuff.

3--
Most importantly I keep 3 copies (outside of the server and network, NO CLOUD) of my data and while this is not possible for everybody, I could not in good faith not have at least 1 copy of the stuff I can't lose.
Kids/Wedding/Births/Impotent documents/pictures/etc.
Even if I had to buy USB 10 TB ext drives, I would have at least 1 extra copy of my data.
My Buddie has a Network Drobo NAS and a USB Drobo to back it up.

4--
The most impotent thing is when you have backups, you have to stick with a schedule, I will not go more then 3 months without a new backup update.

Hope this helps someone and I am so very sorry they got you, These people are very bad people.

Goodluck all and enjoy!

_________________
[X510 CPU/RAM/All 2 TB Red's] [X510 CPU/Sync'ed Backup/All 2 TB Hitachi's]
[X510 /2 in box]
[X710 LIAN LI DIY W2016E] Stablebit Drivepool [EX-503 LIAN LI 5-bay USB3 External]
:twisted: Fear the Cloud :twisted:


Top
 Profile  
Thanks  
PostPosted: Sat Apr 28, 2018 11:24 pm 
Offline
Max Contributor
Max Contributor

Joined: Fri Jan 25, 2008 4:17 pm
Posts: 1140
Location: Roseville, California
Thanks: 10
Thanked: 24 times in 22 posts
what netgear firewall are you using? i just got the GS752TPS, while i dont know everything i should about it so far its been really nice.

Ive been looking at some online i just want something that is going to have fast thru put. I dont want something choking out my network.


Top
 Profile  
Thanks  
PostPosted: Wed May 09, 2018 4:21 pm 
Offline
Max Contributor
Max Contributor
User avatar

Joined: Sat Apr 12, 2008 12:49 pm
Posts: 2226
Location: Casper Wyoming
Thanks: 81
Thanked: 256 times in 251 posts
Netgear prosafe srxn3205.
It is my main router/wifi/vpn.
it is showing it's age, new they were $300-$400
I bought a used one on ebay for a backup for about $125.
It has basic firewall and I have been using it for around 5-8 years.

Netgear has stopped the prosafe line I believe so I don't know what my next router will be that will support IPV6 as this one doesn't.
Good Luck

_________________
[X510 CPU/RAM/All 2 TB Red's] [X510 CPU/Sync'ed Backup/All 2 TB Hitachi's]
[X510 /2 in box]
[X710 LIAN LI DIY W2016E] Stablebit Drivepool [EX-503 LIAN LI 5-bay USB3 External]
:twisted: Fear the Cloud :twisted:


Top
 Profile  
Thanks  
PostPosted: Fri May 18, 2018 11:00 am 
Offline
1TB storage
1TB storage

Joined: Sat Jan 30, 2010 1:47 pm
Posts: 44
Thanks: 6
Thanked: 1 time in 1 post
I also have remote access disabled on the server to prevent unauthorized access.

But a greater concern I have is a knucklehead breaching my Router/firewall which is nothing more than a consumer grade Linksys router, albiet a newer one.

I have no confidence in its ability to keep out a would-be hack.

I operate on the assumption that I have nothing of interest to anyone.

But that said, I periodically pull a new IP address from my ISP by changing the MAC on my router and rebooting it. Probably paranoid and it likely doesn't stand up to a reasoned argument against doing it, but I still do it..


Top
 Profile  
Thanks  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 5 posts ] 

All times are UTC - 7 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 7 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group