home | list info | list archive | date index | thread index

Re: [OCLUG-Tech] Settings to inhibit wannacry

Thanks Dianne.

FWIW, I found from a net posting that the way to disable 445 is to edit the registry (run regedit) to add

Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters
Name: SMBDeviceEnabled
Type: DWORD (REG_DWORD)
Data: 0

Don’t forget to restart your computer after disabling the above ports for effect.Also, to check that those ports are disabled, you can open a command prompt and type netstat -an to confirm that your
computer is no longer listening to those ports.

Best, JN




On 2017-05-13 10:22 AM, Dianne Skoll wrote:
On Sat, 13 May 2017 09:55:04 -0400
J C Nash <profjcnash [ at ] gmail [ dot ] com> wrote:

1) To help slow down the spread of the ransomware, is it worth linux
users putting
min protocol = SMB2

I doubt it could spread on Linux anyway.  The bug is most likely
Windows-specific and the payload is extremely unlikely to run on Linux.

2) I use some WinXP VMs on Virtualbox. Should I do anything on those
to reduce the spread of infection?

Block the SMB port (TCP/445) in and out on the firewall.

Regards,

Dianne.
_______________________________________________
Linux mailing list
Linux [ at ] lists [ dot ] oclug [ dot ] on [ dot ] ca
http://oclug.on.ca/mailman/listinfo/linux