Paradox Community

Items in pnews.paradox-development

Subject:Re: oplocks etc
Date:Sat, 11 Jan 2020 14:42:07 +1100
From:Tom Krieg <REMOVEtomkCAPITALS@sdassociates.com.au>
Newsgroups:pnews.paradox-development
Wannacry.

What is it?

WannaCry is ransomware that is affecting Microsoft Windows operating 
systems. On 12/05/2017 a coordinated attack was initiated, infecting 
hundreds of thousands of computers in more than 150 countries. The 
ransomware is somewhat unique in that it spreads via multiple methods, 
including phishing emails and as a computer worm on unpatched systems.

[separator headline=”h2″ title=”How does it work?”]

When executed, WannaCry initially checks the “kill switch” domain name 
and, if missing, the ransomware encrypts the computer’s data. It then 
attempts to exploit a Server Message Block (SMB) vulnerability to spread 
out to other computers on the Internet, as well as laterally to 
computers on the same network.

I'm not sure about other attacks. But it basically boils down to 
"Problem is between the chair and the keyboard".

If  you have a bullet-proof VPN and users know not to believe Nigerian 
princes who want to give them money, SMB1 should be safe to use. Keep 
Windows patched. Microsoft did release some SMB1 patches but have gone 
to SMB2 by default.

On 11/01/2020 5:09 am, Steven Green wrote:
> are there specific smb1 vs smb2 issues you've seen? are there serious 
> smb1 vulnerability issues, or is it just dee-fence dee-fence?
> 


Copyright © 2004 thedbcommunity.com