Windows 7 - cryptolocker, don't map drives, but: 'use UNC shortcut'(?)



  • G'day  ;D

    I've been searching for hours and hours, but I can't seem to find an answer to my question. The cryptolocker-alike virusses scare me. I've implemented Software Restriction Policies (SRP), including tightening up the \Windows and \Program Files directories. On further reading, it goes that cryptolocker alike virusses can encrypt mapped drives, but can not encrypted 'normal network shares', which is supposed to be 'UNC mapped drives'. So, in many places it is said to 'use a shortcut to a UNC drive, for example here:

    The simplest way to protect the NAS shares is not to map them as network drives. Create shortcuts instead.  Blocking write access might also work

    http://www.readynas.com/forum/viewtopic.php?f=23&t=73860

    Now I do know that UNC means: \server1\directory. But I don't know how you 'map' that, or create a shortcut to it. Uncle google fails me miserably here  :-[

    What I mean is: I do know of the:

    [code]net use n: \server1\directory

    command, but this still is a normal mapped drive (to n:) (at least I assume it is).

    What I currently have is this: a Linux server, with directories that I mapped to X:\ Y:\ Z:\ on Windows 7 using the 'map network drive' in explorer. Obviously, this is what cryptolocker can infect according to those that know.

    How would I change this into 'a shortcut to a UNC drive' in such a way that a normal desktop can still use the networked share on the Linux server as an X:\ Y:\ or whatever in Windows 7?

    It is this: the Linux server is my NAS, and whenever I download a document I move it to Y:\Ebooks\…...... What would I need to do to do this with 'shortcut to a UNC drive'?

    As always, I am in your debt for any help  :-*

    Thank you in advance  ;D


  • Moderator

    The best options are to have a Good Backup Retention Policy.

    Daily, Weekly, Monthly Backup routines are really beneficial. So you can perform a Daily backup of New/Modified Files, Weekly full backups. And overtime only keep one backup per month. Backups should also be password protected or stored offsite so they can't be maliciously encrypted also.

    Also putting folders into "Read Only" so that they can't be modified.

    I use this program to help with Backups:

    http://backuppc.sourceforge.net/info.html

    Regarding the UNC part, once you click on the Short-cut, you have to be careful that Windows doesn't automatically save your credentials to that path and keeps a record of it.

    Windows Shell command to see Shares:
    net share



  • In Windows 7: Open Explorer and enter in command line

    \<ip>>dir<

    ENTER

    then the NAS folder will open

    On the left under "Network" the NAS will appear. Simply pull this to your desktop and you have a link to the folder…

    I think this should be what you are looking for.</ip>



  • @chemlud:

    In Windows 7: Open Explorer and enter in command line

    \<ip>>dir<

    ENTER

    then the NAS folder will open

    On the left under "Network" the NAS will appear. Simply pull this to your desktop and you have a link to the folder…

    I think this should be what you are looking for.</ip>

    Well, thank you Sir, that appears to have done it; thank you and k+ for you  :D

    But now that I see what they meant, this isn't really workable. I use Totalcommander in Win7 (= MC in BSD/Linux = Norton Commander in those old Dos days) to handle files. So I have a directory z:\office, and when I want to copy/move files to/from I simply do a F5/F6 from the left pane D:\ to the right pane Z:.

    Because I simply hate the stupid concept of Windows Explorer. If you want RSI, use that (and Windows itself, of course).

    And with this method I am forced to use explorer to copy/move files  :-[



  • @BBcan177:

    The best options are to have a Good Backup Retention Policy.

    Daily, Weekly, Monthly Backup routines are really beneficial. So you can perform a Daily backup of New/Modified Files, Weekly full backups. And overtime only keep one backup per month. Backups should also be password protected or stored offsite so they can't be maliciously encrypted also.

    Also putting folders into "Read Only" so that they can't be modified.

    I use this program to help with Backups:

    http://backuppc.sourceforge.net/info.html

    Regarding the UNC part, once you click on the Short-cut, you have to be careful that Windows doesn't automatically save your credentials to that path and keeps a record of it.

    Windows Shell command to see Shares:
    net share

    Thanks BB  ;D

    1. Backup policy is ok, but not if you have 40TB of data  :-[
    2. Folders read only means you can not store data on the central file server, which was the hole purpose  :-[
    3. net use still means mapping as far as I know, and mapping was to be avoided.



  • @Hollander:

    @chemlud:

    In Windows 7: Open Explorer and enter in command line

    \<ip>>dir<

    ENTER

    then the NAS folder will open

    On the left under "Network" the NAS will appear. Simply pull this to your desktop and you have a link to the folder…

    I think this should be what you are looking for.</ip>

    Well, thank you Sir, that appears to have done it; thank you and k+ for you  :D

    But now that I see what they meant, this isn't really workable. I use Totalcommander in Win7 (= MC in BSD/Linux = Norton Commander in those old Dos days) to handle files. So I have a directory z:\office, and when I want to copy/move files to/from I simply do a F5/F6 from the left pane D:\ to the right pane Z:.

    Because I simply hate the stupid concept of Windows Explorer. If you want RSI, use that (and Windows itself, of course).

    And with this method I am forced to use explorer to copy/move files  :-[
    [/quote]

    Nope, if your fav folders are on your desktop (or linked to your desktop) you don't have to press WIN+e, if you don'T like these keys on your keyboard :-p


  • Moderator

    Here is a good recent article about a new form of Ransomware.

    https://securelist.com/analysis/publications/64608/a-new-generation-of-ransomware/

    Backup! Backup! Backup!  :)

    How much of that 40TB of data do you actual use on a daily basis?

    Take the bulk of it, and put it into a Read-Only Archive Folder. Back this up to multiple offline storage Devices.

    Than implement "versioning" of the files as you change them and save those to a read/write folder. Then the daily backups become smaller and easier to manage.

    Each Year, take those versioned files and put them into the Archive Folder.

    ps- The net use command, was just to show you what shares are open on your machine.



  • @chemlud:

    @Hollander:

    @chemlud:

    In Windows 7: Open Explorer and enter in command line

    \<ip>>dir<

    ENTER

    then the NAS folder will open

    On the left under "Network" the NAS will appear. Simply pull this to your desktop and you have a link to the folder…

    I think this should be what you are looking for.</ip>

    Well, thank you Sir, that appears to have done it; thank you and k+ for you  :D

    But now that I see what they meant, this isn't really workable. I use Totalcommander in Win7 (= MC in BSD/Linux = Norton Commander in those old Dos days) to handle files. So I have a directory z:\office, and when I want to copy/move files to/from I simply do a F5/F6 from the left pane D:\ to the right pane Z:.

    Because I simply hate the stupid concept of Windows Explorer. If you want RSI, use that (and Windows itself, of course).

    And with this method I am forced to use explorer to copy/move files  :-[
    [/quote]

    Nope, if your fav folders are on your desktop (or linked to your desktop) you don't have to press WIN+e, if you don'T like these keys on your keyboard :-p

    Thank you, Chemlud  ;D

    It took some fizzling, but it appears that, in TotalCommander, I can add a directory to a shortcut list once I am in that directory. So 'tWorks now and I managed to avoid the st*pid 'windows explorer'. Windows: 1990 technology and user friendliness with a 2012 GUI.



  • @BBcan177:

    Here is a good recent article about a new form of Ransomware.

    https://securelist.com/analysis/publications/64608/a-new-generation-of-ransomware/

    Backup! Backup! Backup!  :)

    How much of that 40TB of data do you actual use on a daily basis?

    Take the bulk of it, and put it into a Read-Only Archive Folder. Back this up to multiple offline storage Devices.

    Than implement "versioning" of the files as you change them and save those to a read/write folder. Then the daily backups become smaller and easier to manage.

    Each Year, take those versioned files and put them into the Archive Folder.

    ps- The net use command, was just to show you what shares are open on your machine.

    You are once again right, BB  ;D

    (TB's of HD movies of all my dogs. Valuable memories. That is the most important data. Static data. Business data, dynamic, is probably just 1 TB. The memories of my dogs are 28 TB now. That is a lot of removable drives. And I don't trust the cloud (let alone the data would be uploaded by the time I am long gone). It's complex.


Log in to reply