How does it spread?

how does it spread?
how to protect grandmas pc?
is common sense 2017 enough?

Check here if your ports are stealth (ideally) or closed
grc.com/shieldsup
If they are, the only way of getting infected is if you download the malware and deliberately run it

Does grandma have a router? Is the router from the last decade? Does it have a firmware update from the last 5 years? Yes? Grandma is safe.

Can't wait until this cancerous Ransomware meme gets forgotten.

I didn't even do anything.

Click Proceed then All Service Ports and wait about a minute

All green.

Am I doing it right sempai

Then you're good

Very. If you don't need UPnP then switch it off altogether

>not having windows 10 with timely and automatic updates to keep you safe

Yes, it's exploitable

lmao you just got botnet'd.

HOW DO I UPDATE CRACKED WIN10

>grc

kill yourself.

...

It's a trusted site. What is wrong, autsimo?

Common sense is more than enough senpai

Does the ransomware encrypt every hard drive in the machine or just the primary OS drive?

i raely ne3d h3lp annonymouse
hw do i cunter hax

>Win 10
>affected
lol, literally autism

My ISP is using caching proxy just for http and this shit test assumes it can't probe my other ports (that are open because I run various internet-facing servers)

>thinking he's being serious
literally autism

>pretending to be retarded
still a retard though, user.

10 is affected as well.

Sucks bein you

...

only if you don't update that shit for months

>If you don't need UPnP then switch it off altogether

fuck you. UPnP is the only way to make NATs bearable.

All Windows that lack the March update are vulnerable, including XP, Vista, 7, 8, 8.1, 10 and their Server counterparts

it's useless skiddie tier bullshit that has been obsolete since people have been installing software updates.

It also doesn't tell op if he's vulnerable to SMB based, wana crypt exploits since most of those will occur on a more "public" internal network like starbucks or school or even a workplace.

So you have autism. Back to your fidget spinner thread, fuckface

>reinstalled W7 a few months ago and immediately ran the Ancile script to block the spy shit
How screwed am I? Should I just bite the bullet and embrace the NSA? Or is this all part of their master plan? I guess I could also just back up my files and reinstall again if things go south.

the nsa is unavoidable dumb ass. android, windows, facebook, google, apple, etc

I'm dual booting and didn't boot into windows for a while.

I wonder if I'll get fucked.

Why do you run such script shit? You can do all that manually through GUI.

Retard

>Retard
not an argument

>doing something manually when there's already a script that does it automatically

>Can't wait until this cancerous Ransomware meme gets forgotten.

Until the next Windows malware fiasco when even more NSA exploits get leaked. Man, I can't wait, watching windowsbabbies panic is hilarious.

>NSA exploits
>thwarted by router firewalls
really makes me fucking think

is it normal to literally have not a single open port?

>a script that
destroys your OS

You have one port closed. Yeah, it's normal. Ideally you'd want all of them to be "stealth" - which is not to respond at all to any request.

Hack proof boiiis

2 ports, but ok thanks, didn't know what stealth meant in this context. Does a stealth port mean that in order for "notifications" to reach my computer, it needs to poll a message queue itself? is this how it happens on mobile devices?

>be me
>have physical wifi switch on my laptop (thinkpad best)
>prepared to turn it off if anyone uses an infected pc anywhere nearby (work wifi, mcdonalds/coffee shops, etc.)

as a consumer, yes probably.
I wouldn't worry about closed ports either, effectively the same thing.

t. no argument
I can't believe you're too tarded to understand the difference of NAT'd local networks vs the Internet.

but then again you're a girl (male).

No, all the notifications that you get have nothing to do with open or closed ports. You have info on that page about what those ports and their states mean.

>how does it spread?
smb vuln

>how to protect grandmas pc?
disable smb, block the ports, update her windows pc, etc.

>is common sense 2017 enough?
not really...

>effectively the same thing
False. A closed port means you are signaling to a potential attacker that you are at the end of the tunnel. A stealth port means you are being quiet, making anyone believe there is nothing there.
Now back to your autism toy thread, fuckface

I haven't updated shit on my PC in years, how long until I lose

so effectively the same thing.

both result in a drop and both little to no impact on your system in terms of usage.

judging by some pics from twitter, only some files

install the patches/updates, or disable all smb services

>404 is widely different from 403 for potential attacks!
kek

>so effectively the same thing.
No. Closed means you are telling someone who is scanning the network that you are there, and that your device does not accept a connection through that port. Stealth means keeping quiet, making that person believe the IP is not allocated to anyone.

so the same thing. got it.

Kind of. But why let people know you are there, when you can hide?

>the only way of getting infected is by downloading and running the malware on your own accord
So all these retards are making a big deal out of nothing then? Holy shit, how stupid.

If you haven't been infected yet, you won't be infected now since the kill switch has been triggered. Just update your shit and set proper firewall rules.

Will defragmenting my notebook protect me from this malware? I have a new asus zenbook with an intel core i5, 8gb ram, 512gb ssd and a 1080p display. Thanks!

>hear all about this horror story just now
>"oh shit, better update windoze 7 nao"
>135 items

...updating one at a time could still cut it, right?

so you're now agreeing with him that it is effectively the same thing when you just said it wasn't?

why do namefaggots like you even come here? it's bad enough to shit the board up with your attention seeking but you gotta be constantly fucking wrong, too

Yes, Sup Forums is halfway retarded. Unfortunately..

If your ports are blocked, which they should be since you should have a firewall up, you will only be infected by manually installing. Retards are making a big deal out of it cause they don't have a firewall or the virus crept into a local network and no firewall can stop an inside job.

It's not the same thing. Both offer equal security, but it makes no sense to let people know that you are there when you can just hide.

install stuff from May first

My workplace got hit with this because I haven't updated anything in over a year. All i have is a week old backup and my boss is going to fire me if he finds out this could have been avoided.

people like you are why the internet is so client-server centric instead of distributed.

It's also why my job as an "IoT" engineer is literally hell because I have to deal with NAT's IPv6 tunnel bullshits and all sorts of network translations

fuck off and die. if your shit is up to date, a closed port is literally the same as a stealth port.

LITERALLY the only bad thing that can come from replying with connection refused is that some skid could mark your EYE PEE for some epique DDoS attack and if that happens just call your telcom and have them blackhole your ip and get a new IPv4/6 lease.

No one said literally the same thing, you mentally ill faggot. user said: "effectively the same thing" to which you rebutted "false" but are now agreeing with him after getting BTFO.

Leave this board, it is so obvious you don't belong here and you constantly spout shit despite not knowing what you're talking about.

>To disable SMBv1 on the SMB client, run the following commands:
sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi
sc.exe config mrxsmb10 start= disabled

>To disable SMBv2 and SMBv3 on the SMB client, run the following commands:
sc.exe config lanmanworkstation depend= bowser/mrxsmb10/nsi
sc.exe config mrxsmb20 start= disabled

>Notes
You must run these commands at an elevated command prompt.
You must restart the computer after you make these changes.

>To obtain the current state of the SMB server protocol configuration, run the following cmdlet:
Get-SmbServerConfiguration | Select EnableSMB1Protocol, EnableSMB2Protocol

support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-in-windows-vista,-windows-server-2008,-windows-7,-windows-server-2008-r2,-windows-8,-and-windows-server-2012
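
An added example, not part of the original post or of the Microsoft article: a read-only check of the settings those commands change, so you can see whether SMBv1 is still enabled before and after applying them. It assumes PowerShell 3.0 or later in an elevated prompt; the function name Get-SmbV1Audit is hypothetical.

```powershell
# Added example: read-only audit of the SMB settings named in the post above.
# It changes nothing. Get-SmbV1Audit is a hypothetical name.
function Get-SmbV1Audit {
    $result = [ordered]@{
        ServerSmb1Enabled     = $null   # $null means "could not be determined"
        ServerSmb2Enabled     = $null
        ClientSmb1DriverStart = $null   # $null means the mrxsmb10 driver was not found
        WorkstationNeedsSmb1  = $null
    }

    # Server side: the cmdlet quoted in the post (Windows 8 / Server 2012 and later).
    if (Get-Command Get-SmbServerConfiguration -ErrorAction SilentlyContinue) {
        $srv = Get-SmbServerConfiguration
        $result.ServerSmb1Enabled = $srv.EnableSMB1Protocol
        $result.ServerSmb2Enabled = $srv.EnableSMB2Protocol
    }

    # Client side: start mode of the mrxsmb10 driver, which is what
    # 'sc.exe config mrxsmb10 start= disabled' sets to Disabled.
    $drv = Get-CimInstance -ClassName Win32_SystemDriver `
        -Filter "Name='mrxsmb10'" -ErrorAction SilentlyContinue
    if ($drv) { $result.ClientSmb1DriverStart = $drv.StartMode }

    # Client side: does LanmanWorkstation still depend on mrxsmb10?
    # After 'depend= bowser/mrxsmb20/nsi' it should not.
    $qc = & sc.exe qc lanmanworkstation
    $result.WorkstationNeedsSmb1 = [bool]($qc -match 'mrxsmb10')

    [pscustomobject]$result
}

$audit = Get-SmbV1Audit
$audit | Format-List

# Warn if either the server or the client half of SMBv1 is still active.
$clientOn = $audit.ClientSmb1DriverStart -and
            $audit.ClientSmb1DriverStart -ne 'Disabled'
if ($audit.ServerSmb1Enabled -or $clientOn -or $audit.WorkstationNeedsSmb1) {
    Write-Warning 'SMBv1 is still enabled or referenced on this machine.'
} else {
    Write-Output 'No active SMBv1 server or client component found.'
}
```

The client-side values only reflect the change after the restart the notes above call for.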

OFF 445 port

It isn't the same thing. You let everyone who is scanning a range of IPs know that your IP is allocated. Far from being the same.

>IoT
HHHAHAHAHHAHAHAHAHHAHAHAHAHAHHAHAHAHAHHAHAHAHHAHHAHAHHAHAHHAHAHHAHAHHAHAHHAHAHHAHAHHAHAHHAHAHAHHAHAHAHAHHA

Is this good?

Yes. All green is what you want.

>changes argument again
You already said they're "kind of" the same thing, you can't just go back and forth because you don't want to look stupid.

They are effectively the same thing, despite not literally being the same thing. Kill yourself.

Kind of, from a security pov. Everything else is not the same. You are letting everyone know you are there.

>is common sense 2017 enough?
Common sense dictates you need to update regularly.
This shit got patched 2 months ago, you're fine

protip. a lot of industrial control systems have been "IoT" since like 2004. so maybe show some respect.

>mentally ill namefaggot who doesn't know shit about technology
>showing respect
Best to just ignore him.

>IoT
They're a fucking mess from a security pov. Claiming you're an I(di)oT engineer only shows you're incompetent

common sense implies not using windows

...

/thread

>feel like just updating with security updates to cut down on bloat from MS updates
>windows update catalog is down and refuses to even return a query

THANKS WANGBLOWS.

Try again multiple times, it usually fails for me as well.

Is this good enough ?
How do I fix this ?

Networks as a whole are a security mess.
ARP poisoning is still a very real problem for instance and is a fundamental problem of the whole design of it.
and I can't stop some customers from using preinstalled snakeoil certs/keys instead of setting up their own PKI or using symmetric keys.

what is bullshit is some of our older devices download unsigned blobs over non-tls connections. I don't know why anyone thought that was ok or who signed off on it.

Check which port is in whatever condition (you did not capture that) then verify related settings in your router.

My bad.
Every port is stealthed, what should I check ?

it literally doesn't matter.

for fucks sake. if you really care go into your fucking router config page and unfuck it.

you probably need to tick some "drop anonymous internet requests" box.

it stopped spreading for the moment because some reverse engineers discovered the very shitty designed worm checks a hardcoded, nonexistent domain and if it exists (meaning, they are running in a virtual machine/sandbox for analysis) and if so, shuts itself down.

so all they did was register that domain last night and stopped the worm from spreading.

they will relaunch it with better sandbox analysis (like looking for VM processes instead of testing a hardcoded domain) so just patch your systems and block all ports except HTTP/HTTPS and email.

Microsoft should release an out of bounds XP patch that blocks all ports except the above too as apparently 30% of china runs XP still

>call telcom for new IPv4/6 lease
lol consumers still use static IPs?

no? but most have relatively longish leases.

the only consumer nets, that I've seen, with basically 0 second leases are phones.


GRC Port Authority Report created on UTC: 2017-05-13 at 16:50:33

Results from scan of ports: 0-1055

2 Ports Open
1 Ports Closed
1053 Ports Stealth
---------------------
1056 Ports Tested

Ports found to be OPEN were: 22, 443

The port found to be CLOSED was: 655

Other than what is listed above, all ports are STEALTH.

TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.


am I rip guys? apparently running 443 means I'm kill and that hackers are exfiltrating muh datas.

Are you retarded? Even in a "dynamic" IP pool, you will have the same IP for a few days at the very least. Why do you stupid fucks post here?

You can get a new IP in literally 30 seconds if you want.

The reason I said that was, because, if you have a dynamic IP, I think, you just restart your router and you have a new IP, no? so I said that because he said you have to call them for a new IP, but I don't think that is the case. Is that a good reason to say that? Yes, usually the IP stays the same longer, but it is easy to change it manually, without having to call

>Every port is stealthed
You're fine then? Your system replied on some port to a ping. That's why it failed. Something must be wrong, check what's on that page.

uh oh guys my server is even worse

GRC Port Authority Report created on UTC: 2017-05-13 at 16:57:07

Results from scan of ports: 0-1055

7 Ports Open
1049 Ports Closed
0 Ports Stealth
---------------------
1056 Ports Tested

NO PORTS were found to be STEALTH.

Ports found to be OPEN were: 22, 25, 80, 143, 443, 465, 993

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.


AM I BEING HACKED?!?!

what did he mean by wearing a button with freebsd on it? doesn't he say on his website that bsds use non free shit?

Yes, and? The average consumer's option is to call, not clone their mac or whatever method suits your fancy.

No, that's not how it works usually. Usually your IP's assigned to your mac address, which is why all computers on the same network share the same external IP. Restarting your router doesn't change that. You'd have to leave it off for a long time before your ISP would reassign it.

It's entirely dependent on the Lease length your telco sets up.

if you can control your Modem's MAC addr you could do it instantly i suppose

this doesn't apply to IPv6 though.

if you are using IPv6 literally just change your MAC address on the connecting device.

He means "brown phone posters go away".

>this doesn't apply to IPv6 though.
>
>if you are using IPv6 literally just change your MAC address
If you can "literally just change your mac address" on any device, you would be able to change your IP at will on ipv4 and ipv6. The trick is actually doing that, and is not something most consumers know how to do.

i love memes