Basic introduction
Ransomware is a "worm-like" ransomware software with a size of 3.3MB. It is spread by criminals by exploiting the dangerous vulnerability "EternalBlue" leaked by the NSA (National Security Agency, US National Security Agency). The rampant ransomware virus is like a global Internet disaster, causing huge losses to the majority of computer users. The latest statistics show that more than 100,000 computers in more than 100 countries and regions have been attacked and infected by ransomware viruses. Ransomware is one of the most influential viruses since gray pigeons and pandas burned incense. The WannaCry ransomware broke out globally. At least 300,000 users in 150 countries were infected, causing losses of US$8 billion. It has affected many industries such as finance, energy, and medical care, causing serious crisis management problems. Some users of Windows operating systems in China were infected, and campus network users were the first to suffer the consequences. A large amount of laboratory data and graduation projects were locked and encrypted. After the application systems and database files of some large enterprises are encrypted, they cannot work properly, which has a huge impact.
Solution
1. Turn on the system firewall
2. Use advanced system firewall settings to block connections to port 445 (this operation will affect services using port 445)
3. Turn on automatic system updates and detect updates for installation.
Win7 processing
1. Open Control Panel-System and Security-Windows Firewall, click on the left to enable or disable Windows Firewall.
2. Select Enable Firewall and click OK
3. Click Advanced Settings
4. Click on Inbound Rules to create a new rule
5. Select the port and next step
6. Specific local port, enter 445, next step
7. Choose to block the connection, next step
8. Configuration file, select all, next step
9. You can enter any name you want and just finish.
XP processing
1. Open Control Panel, Security Center, Windows Firewall, and select Enable
2. Click Start, Run, enter cmd, and confirm to execute the following three commands: net stop rdr, net stop srv, net stop netbt
Useful
Useful
Useful