[dba-Tech] Wanna Cry/WannaCrypt

John R Bartow jbartow at winhaven.net
Tue May 23 17:10:35 CDT 2017


Lol, I knew that eventually you would work this around to suggesting everyone
use Linux.

The fact is Wannacry was not a threat to people who upgrade and apply
patches on a regular basis. You didn't see any big warnings about it from me
did you? When a hack is released to the public - it's not only the black
hats that should be taking note, the white hats should be too. I have a good
group of white hats in my corner and my security had this vulnerability
covered a month before the black hats took advantage of it - even on
unpatched XP systems. 

So the questions Wannacry raised are: Do you patch? Do you know why you're
patching? Do you have proper, multi-level security? And, as you mentioned,
do you have proper offline backups?

So nothing new here. Just common sense that applies to ALL computers,
Windows or not.

Nice try at trying to recruit more penguins though ;-)
-----Original Message-----
From: dba-Tech [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of
Jim Lawrence
Sent: Tuesday, May 23, 2017 1:07 PM
To: Discussion of Hardware and Software issues
Subject: [dba-Tech] Wanna Cry/WannaCrypt

Hi All:

This is a rather late comment on the Wannacry worm that spread around the
planet.

<rant mode on>
People have been quick to blame Microsoft for their hacked systems when the
problem could have been easily blocked and recovered from by just using the
most basic steps. I personally find it amazing that even though PCs have
been around for a generation, few seem to grasp the basics of planning for
failure. Failure of your system is guaranteed. Consider your computer like a
light bulb...all fail eventually and if your career or business depends on
your data, plan for system failure one way or the other. The Wannacry worm
was a wake up call.

Aside: I strongly disagree with the creation and storage of hidden system
vulnerabilities. No matter how well hidden, they always get out and if not,
when used, they are like a gas attack. It takes a wary opponent hours to
reciprocate and because of our highly technical society we end up getting
hammered to pieces, far worse. Can you imagine what would have happened if
after Japan was nuked, within hours, Japan was nuking the west coast, in
retaliation?  
</rant mode off>

XP was really not the problem, as how could anyone expect an ancient system to
not be easily hackable? The real problem is that of how the system's routers
were set up. To start with, secure mode should always be set on the router.
This mode shuts down every port except port 80 unless specifically requested
by the user and that requires a manual entry. The hack passed through the
router using port 139, which was used by NetBIOS, in conjunction with
port 445, for direct TCP/IP SMB. No one uses these ports anymore so they
should be turned off. Even as far back as 1995, when installing Windows 3.1
workgroup, Microsoft was recommending not using applications that required
these ports. If you want to check to see if these ports are open on your
router or network, browse to one of many external port checkers. I use the
following online app as it is generic and works on everything:

http://www.yougetsignal.com/tools/open-ports/

When arriving on the opening screen, find and click on the button on the
right saying "Scan all common ports". If ports 139 and 445 show up as open,
turn them off through your router.

Backups are essential for every PC that has data that is worth anything.
The Mac has an excellent, fully automated system called Time Machine,
that initialises with a hard-drive image and then does a regular/continuous
backup of all changed files. Linux has many excellent backup systems...a
package called Cronopete emulates the features of the Apple Time Machine.
Both these products allow your system to go from a hard down to operational
within an hour. MS Windows may have something similar, I don't know...all I
can say is they didn't use to.

I don't want to make the following appear as a rant against Microsoft but
there are some major faults in Windows design. Its greatest strength and
weakness is its backward compatibility. With that compatibility comes an
inability to sand-box or isolate a process, a user or application. That is
just the way it is designed from the ground up and the cost of rebuilding
millions of lines of ancient code is prohibitive. I am pleased to see
Microsoft is adopting more and more Linux modules. At one time, in the
future, it may just become another flavour of Linux. In the meantime, while
MS is going through this migration process, I just use Linux. Linux is also
great for walling in and protecting your Windows servers as Linux is much
better at being front facing. Linux today runs most of the best routers
(i.e. Cisco) but not all are expensive and many older routers can be upgraded
using products like OpenWrt, pfSense, OpenVPN to name but a few industry
standards. (They are also OSS!)

One last comment on Windows and Linux comes from TechRepublic. A quote from
the article goes as follows; "The important question here is this: Have
there been any ransomware attacks on the Linux desktop? The answer is no.
With that in mind, it's pretty easy to draw the conclusion that now would be
a great time to start deploying Linux on the desktop.":

http://www.techrepublic.com/article/wannacrypt-makes-an-easy-case-for-linux/

Jim    
 

_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com
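
A local complement to the external port check described in the quoted message, as an added example that is not part of either e-mail: it parses Windows `netstat -ano` output and lists TCP listeners on ports 139 and 445 bound to a non-loopback address. The sample output is constructed and the function names are hypothetical.

```python
import ipaddress

# Ports named in the thread: 139 (NetBIOS) and 445 (direct TCP/IP SMB).
SMB_PORTS = {139: "NetBIOS session service", 445: "SMB over TCP"}

# Constructed sample in the layout printed by Windows `netstat -ano`.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:445          0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED     3312
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:137            *:*                                    4
"""


def split_endpoint(endpoint):
    """Split 'host:port' or '[v6host]:port' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)


def exposed_smb_listeners(netstat_text):
    """Return (address, port, service) for SMB/NetBIOS TCP listeners
    that are reachable from outside the local machine."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # Only TCP rows in LISTENING state; skips header, UDP and sessions.
        if len(fields) < 4 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        host, port = split_endpoint(fields[1])
        if port not in SMB_PORTS:
            continue
        # Drop an IPv6 zone id (e.g. fe80::1%12) before parsing the address.
        if ipaddress.ip_address(host.split("%")[0]).is_loopback:
            continue  # bound to localhost only, not exposed to the network
        findings.append((host, port, SMB_PORTS[port]))
    return findings


if __name__ == "__main__":
    for host, port, service in exposed_smb_listeners(SAMPLE_NETSTAT):
        print(f"{host}:{port} is listening ({service})")
```

A listener reported here is reachable on the local network; whether it is also reachable from the Internet depends on the router, which is what the external port checker tests.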


