Eli The Computer Guy is right. Besides general online safety practices, disabling networking protocols you don't use could help significantly stop the spreading of Wana Crypt0r. Wana Crypt0r uses the SMB protocol, which is a file sharing protocol, and here is how you can disable it in powershell. Please spread the news. In Windows 10, their should be a search bar at the bottom left corner, search: powershell Click it, and then type out EXACTLY what you see below into the small blue powershell window. This will prevent Eternal Blue which is the exploit payload that basically spreads the ransomware across your internal network. You have to run both of these commands on every Windows computer on your internal network if you want to make sure it won't be infected by another computer on the same internal network that may already have the Wana Crypt0r ransomware. Set-SmbServerConfiguration -EnableSMB1Protocol $false Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 -Force I tried my best to sum it up for the casual user here, so please don't hit me up with a million questions. lol
A couple of years ago I worked for a company that was hit by ransom ware. We did work for Comcast and in order to remote access their internal job tracking system, we had to keep our computers out of date. Our computers hadn't had an update in over 3 years. Luckily we backed up our files every day, so we just wiped the server and just reloaded the data. The IT company we used said they believed the malware got on our system through out dated Microsoft Silverlight.
My recommendations are: 1. Make sure Windows is updated with the critical updates (I used to not recommend auto updates due to MS breaking Windows every time they try to fix it, this time though, things have changed). 2. Have a quality Anti-Virus (Kaspersky, Panda, Avast, NOT NORTON, MCAFEE, OR AVG) 3. Use a secondary "spyware" scanner like Malwarebytes and Spybot S&D (I still use 1.6, not 2.*) 4. Don't use Adobe Reader at all (I recommend FoxIT), and don't have Java runtimes installed if you don't need them, if you do, make sure it stays updated. 5. DON'T USE ADMIN/ROOT LEVEL ACCOUNTS, create a "guest" account for normal use, login to Admin when you have to, and back out when you are done. 6. DO NOT install software you don't know exactly what it is. 7. Don't Pirate Software. Those are mandatory, I also recommend: 1. Not using Windows if you don't have to (I know, I know, few people will switch over). 2. NEVER click links in e-mail, social media sites, etc. 3. Don't use Google for your URL bar 4. When doing a "google search", copy the link for the result you want, and paste that into the URL bar, don't actually click the link. 5. If your PC has software you don't use anymore, get rid of it (through Uninstall, not just the icon). 6. Don't use Flash Drives, they are the mucous and cough of the computing world. 7. Have a good, and current image of your main OS drive, with a current backup of personal/business files, so when in question, you can just re-image the drive in a few minutes, and be on your way again without having to worry. 8. Use a proper password (I am not going to go into details on this, if you aren't sure what this is, do a bit of research), and change it at least every "quarter" (4 months). 9. Update the firmware on your router/gateway (IF you know what you are doing, if not, find someone who does). 10. Use an IP blocker with a current and "reliable" block list. 11. Make sure you are not using a "proxy" that you didn't tell it to use (check this occasionally, or any time things start acting "weird"), and make sure there are no entries in your "Hosts" file that don't belong there. There may be a couple of things I missed, and I am sure you covered most of these or all of them, plus some I forgot; I just figured I would give my unneeded two cents and the recommendations I give my customers. There are, of course, other rules for "Privacy" that aren't covered by "Security", as well as "Password Rules". Most infections/intrusions, are simply due to bad administration, and the fact 99% of PC users don't give any of this a thought, and are completely unaware. I am glad there is someone else on RUclips, who is reliable and knowledgeable, putting this info out. There can never be enough reliable sources of this info, and enough warnings in the public domain.
AVG "works", it just uses a TON of system resources it doesn't have to, and slows systems down considerably. I consider that a huge strike against an Anti-Virus. Avast is free, works as good as AVG, and doesn't bog down your system near as much.
I read somewhere that the best configuration for servers is command line only interface. The more user friendly GUIs and applications your server runs with, the bigger it's attack surface. I can't imagine managing a server with just a command line at this point. I guess being a programmer and PowerShell expert would help.
Hi Eli! In the next few days I will have an interview for the IT Manager's position (hospitality field), I haven't worked on that position before, though I worked as an system administrator for many years. There's not one video or article on the net that I could find about the subject, even not considering the field, there is no way to find out what might be the questions and what skills are expected from the right person for IT Manager's position. Currently I am watching all of your introductioonary videos to have basic ideas about pretty much everything. It would have been so great if you could make such a video to make my preparation a little bit easier! Thank you for your contribution!
In one of your video you said that... in internet no one can stay annonymous ... then why till now no one has been able to find out the source of wanacry ransomeware... plz do answere...
Instead of referring to Bitcoin as "anonymous" it's better analogy to refer to it as "digital cash." The block chain is entirely public, you can associate people or organizations to wallets but just like cash there are no guarantees and no third party besides the chain itself verifying your transactions.
I tried to configure Test lab with @ Vms; Windows 7 ultimate . I used Virtual box and could be able to set up internal network using your videos. Then I infected one machine with WannaCry but it wasn't distribute to other. I checked SMB port ;they were opened in both VMs. Could you please help on this .I need to know how to get infected the wannacry through the network. basically I am not a Hacker and I am studying Computer security.
I would say that the rogue epidemic several years ago was the first prominent attempt to get money out of the end user, but ransomeware is far more dangerous.
Just because windows 10 is newer, does not automatically make it more secure. Assuming someone is not crazy, no developer intentionally includes remote code execution vulnerabilities in their code. Furthermore, no software is secure because someone says it is. Being secure, is something that comes to light over time when the software has proven itself to be secure. When you add new features, you are simply adding new potential security risks. Since the release of windows 10, there have been more exploits for windows 10 than on windows 7, as virtually every security update applied to 7, 8, and 10, in addition to a few that were unique to 10. It is very rare for an exploit to impact older versions of windows and not newer, as much of the codebase is carried over with each new version. This has been the case with every new version of windows. It is nothing unique to Microsoft, it is just a current fact that it is impossible to write perfect code. Overall, people just need to get the latest security updates. Usually when a security issue is patched, details on the vulnerability are published, thus malicious people who didn't know about it before, will know about it now.
But Eli! Autorun has been off by default since XP days.... And ransomware can totally work on a limited account. Anything the user can write to, the ransomware can overwrite. Good tips tho :)
damn. I use my phone as a makeshift USB drive. the only wireless transmission between my phone and computer is my own because my laptop has Bluetooth capabilities. guess it will just be 4shared uploading in the future for me then when using others. -_-
i don't know about secunia, when i used it in the past it would say shit is up to date (firefox/thunderbird) even though I had the up to date version ready to install on the outdated version on my system. happened with my android as well. Sorry but I don't trust cloud computing. for work, fine but person?! I'll keep my usb drive thanks. especially in this case where every two seconds places are getting hacked because they don't clog the fuckin holes in their software.
Eli the Computer Guy But Mister Eli your videos are really really helpful. I remember the time when I was lost at the vmware's website. I couldn't tell the difference between the paid and free version, and all their terminologies. Your video about introduction to virtualization and esxi allowed me to actually get a basic understanding of virtualization. Furthermore, before watching your video I couldn't even tell the difference between esxi and vsphere. It's small things like these that matter. No on RUclips tells that, I've searched alot. Sure RUclips put a community strike on you, but you are such a good content creator, and your material is so dense that I'll bet you can cram alot of detail even in a really short video. You have a huge following, I belong from Pakistan, to the world this country is at least 1400 years behind. But think about it, even at places like these you have a very fine following, where you least expect them to be. So please it is my humble request to you, on behalf of all of your subscribers that don't leave RUclips. There are alot off people here that really admire your work. Heck! When you announced that you were going to delete your RUclips channel, I downloaded all of your videos, because they were full of knowledge and great insights earned from years of experience, and that's priceless. Lastly, once again I will request that you reconsider your decision of leaving RUclips. You are not bound to anything, not RUclips and not even your own decision. If you decide to come back no one will say anything. Thank you Mister Eli. Salman from Pakistan.
Those operating systems still have vulnerabilities, nothings perfect. They may be less targeted as they have a smaller user base, but it's far from problem solved, still got to stay up to date on patches.
i dont understand why people dont like windows10. its better than windows 7 and xp and vista. i understand that windows 10 has alot of tracking software in it but so do all the other operating systems.
I am one of the people who doesn't like windows 10 that much. I used it for quite some time but are now back to windows 7. Many things in windows 10 are better, I agree but some things are just anoying. My favorite is that they obviously couldn't decide wich settings-manager to use, so they kept both. Most can be done in both of them but some are specific. Also there is no easy way to turn off the things you don't need: to turn off cortana for example you need to change registry entries. I also do not like the start menu wich often doesn't list all the entries it should (I know there are 3rd party apps for this). I also fond this article "Why Windows 10 sucks or Everything Wrong with Microsoft Windows" wich I think is quite compelling: itvision.altervista.org/why-windows-10-sucks.html But honestly my biggest problem is that most of my old games don't work anymore. :P And since I use windows only for gaming and do anything else on Linux (or sometimes Mac) there are no bad feelings about sticking with an outdated Windows OS for now. ;)
Horseshit. There are far more vulnerabilities in windows 10 than there ever was in XP. Micro$oft really shot themselves in the foot when they abandoned XP. THIS MESSAGE TYPED ON AN XP BOX
In seven years, I never thought I'd like a thumbnail on this channel.. and then zelda, and this happened.
+Louis Rossmann ... I never worried about gaming the system before...
Best thumbnail EVER! 😬
I'm going full "family friendly felix"...
Eli the Computer Guy "femeley firendly felex"
Eli the Computer Guy I love money too much
... darn tootin...
I like this new format. Thank you for trimming an leaving the most important parts, Eli!
I love the wall behind you :)
Eli is killing it with the thumbnails.
Eli The Computer Guy is right. Besides general online safety practices, disabling networking protocols you don't use could help significantly stop the spreading of Wana
Crypt0r. Wana Crypt0r uses the SMB protocol, which is a file sharing
protocol, and here is how you can disable it in powershell. Please
spread the news.
In Windows 10, their should be a search bar at the bottom left corner,
search: powershell
Click it, and then type out EXACTLY what you see below into the small
blue powershell window. This will prevent Eternal Blue which is the
exploit payload that basically spreads the ransomware across your
internal network. You have to run both of these commands on every
Windows computer on your internal network if you want to make sure it
won't be infected by another computer on the same internal network that
may already have the Wana Crypt0r ransomware.
Set-SmbServerConfiguration -EnableSMB1Protocol $false
Set-ItemProperty -Path
"HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1
-Type DWORD -Value 0 -Force
I tried my best to sum it up for the casual user here, so please don't
hit me up with a million questions. lol
The windows 10 upgrade assistant will still upgrade win 7 to 10 for free.... for those interested.
A couple of years ago I worked for a company that was hit by ransom ware. We did work for Comcast and in order to remote access their internal job tracking system, we had to keep our computers out of date. Our computers hadn't had an update in over 3 years. Luckily we backed up our files every day, so we just wiped the server and just reloaded the data. The IT company we used said they believed the malware got on our system through out dated Microsoft Silverlight.
Eli, what do you think about USB immunizers for preventing autorun malware?
Loving the shorter 30min format! This I can digest!
My recommendations are: 1. Make sure Windows is updated with the critical updates (I used to not recommend auto updates due to MS breaking Windows every time they try to fix it, this time though, things have changed). 2. Have a quality Anti-Virus (Kaspersky, Panda, Avast, NOT NORTON, MCAFEE, OR AVG) 3. Use a secondary "spyware" scanner like Malwarebytes and Spybot S&D (I still use 1.6, not 2.*) 4. Don't use Adobe Reader at all (I recommend FoxIT), and don't have Java runtimes installed if you don't need them, if you do, make sure it stays updated. 5. DON'T USE ADMIN/ROOT LEVEL ACCOUNTS, create a "guest" account for normal use, login to Admin when you have to, and back out when you are done. 6. DO NOT install software you don't know exactly what it is. 7. Don't Pirate Software. Those are mandatory, I also recommend: 1. Not using Windows if you don't have to (I know, I know, few people will switch over). 2. NEVER click links in e-mail, social media sites, etc. 3. Don't use Google for your URL bar 4. When doing a "google search", copy the link for the result you want, and paste that into the URL bar, don't actually click the link. 5. If your PC has software you don't use anymore, get rid of it (through Uninstall, not just the icon). 6. Don't use Flash Drives, they are the mucous and cough of the computing world. 7. Have a good, and current image of your main OS drive, with a current backup of personal/business files, so when in question, you can just re-image the drive in a few minutes, and be on your way again without having to worry. 8. Use a proper password (I am not going to go into details on this, if you aren't sure what this is, do a bit of research), and change it at least every "quarter" (4 months). 9. Update the firmware on your router/gateway (IF you know what you are doing, if not, find someone who does). 10. Use an IP blocker with a current and "reliable" block list. 11. Make sure you are not using a "proxy" that you didn't tell it to use (check this occasionally, or any time things start acting "weird"), and make sure there are no entries in your "Hosts" file that don't belong there.
There may be a couple of things I missed, and I am sure you covered most of these or all of them, plus some I forgot; I just figured I would give my unneeded two cents and the recommendations I give my customers. There are, of course, other rules for "Privacy" that aren't covered by "Security", as well as "Password Rules". Most infections/intrusions, are simply due to bad administration, and the fact 99% of PC users don't give any of this a thought, and are completely unaware. I am glad there is someone else on RUclips, who is reliable and knowledgeable, putting this info out. There can never be enough reliable sources of this info, and enough warnings in the public domain.
Gerff if i play some games like csgo only is it okay?
Avg is no good? damn thats what I've been using. Is there any good free anti virus?
AVG "works", it just uses a TON of system resources it doesn't have to, and slows systems down considerably. I consider that a huge strike against an Anti-Virus. Avast is free, works as good as AVG, and doesn't bog down your system near as much.
Thanks for the reply. I appreciate the long list of tips you gave too.
what about eset nod 32 antivirus?
pop3 doesn't necessarily remove the files from the server, there is an option to define this action.
I read somewhere that the best configuration for servers is command line only interface. The more user friendly GUIs and applications your server runs with, the bigger it's attack surface. I can't imagine managing a server with just a command line at this point. I guess being a programmer and PowerShell expert would help.
you are the only person on youtube who has educated me... thank you!
Hi Eli! In the next few days I will have an interview for the IT Manager's position (hospitality field), I haven't worked on that position before, though I worked as an system administrator for many years. There's not one video or article on the net that I could find about the subject, even not considering the field, there is no way to find out what might be the questions and what skills are expected from the right person for IT Manager's position.
Currently I am watching all of your introductioonary videos to have basic ideas about pretty much everything. It would have been so great if you could make such a video to make my preparation a little bit easier!
Thank you for your contribution!
Its like an STD or Bad Credit... People dont care about it until they get it and are effected by it... Good Video
Can you make a video to get started with pentesting please
Hi Eli! Where can I pay you to ask you for a specific question? Anyone?
wheres the dam t-rex? you put me together!
I like the new style of ETCG videos, nice one Eli, thanks for the info
In one of your video you said that... in internet no one can stay annonymous ... then why till now no one has been able to find out the source of wanacry ransomeware... plz do answere...
what about chrome OS?
Your thumbnail is on point
The advice given in this lesson, is really good.😃
Epic thumbnail pic.😎
Carve all your files into granite with a chisel. Fuck, yeah Egypt!
Instead of referring to Bitcoin as "anonymous" it's better analogy to refer to it as "digital cash." The block chain is entirely public, you can associate people or organizations to wallets but just like cash there are no guarantees and no third party besides the chain itself verifying your transactions.
Whats the command to see all the installed programs in Linux?
Which distribution?
RedHat based: yum list installed
Debian based: dpkg --list
Jarrod'sTech thanks i use Manjaro based on Arch
4:55 you explained everything about Windows :D ;)
So u mean we dont have to switch to Linux Mint or Peppermint 8? =)
I tried to configure Test lab with @ Vms; Windows 7 ultimate . I used Virtual box and could be able to set up internal network using your videos. Then I infected one machine with WannaCry but it wasn't distribute to other. I checked SMB port ;they were opened in both VMs. Could you please help on this .I need to know how to get infected the wannacry through the network. basically I am not a Hacker and I am studying Computer security.
Great video! (I like this side of your personality)
I would say that the rogue epidemic several years ago was the first prominent attempt to get money out of the end user, but ransomeware is far more dangerous.
By the way how do you pay with bitcoins? Can't the authorities track where the money is going?
No they can not that is the reason bitcoin was invented to keep that info from them. As well as the idea "We are runing out of money --- Print more!!!
USB ports on shared computers are cancer. Truth.
Just because windows 10 is newer, does not automatically make it more secure. Assuming someone is not crazy, no developer intentionally includes remote code execution vulnerabilities in their code. Furthermore, no software is secure because someone says it is. Being secure, is something that comes to light over time when the software has proven itself to be secure. When you add new features, you are simply adding new potential security risks.
Since the release of windows 10, there have been more exploits for windows 10 than on windows 7, as virtually every security update applied to 7, 8, and 10, in addition to a few that were unique to 10. It is very rare for an exploit to impact older versions of windows and not newer, as much of the codebase is carried over with each new version. This has been the case with every new version of windows. It is nothing unique to Microsoft, it is just a current fact that it is impossible to write perfect code.
Overall, people just need to get the latest security updates. Usually when a security issue is patched, details on the vulnerability are published, thus malicious people who didn't know about it before, will know about it now.
nice explanation eli !!!
But Eli! Autorun has been off by default since XP days....
And ransomware can totally work on a limited account. Anything the user can write to, the ransomware can overwrite.
Good tips tho :)
Great video. Very informative.
damn. I use my phone as a makeshift USB drive.
the only wireless transmission between my phone and computer is my own because my laptop has Bluetooth capabilities.
guess it will just be 4shared uploading in the future for me then when using others. -_-
I've seen this ransomewhere (Cryptolocker) in actions pretty nasty stuff, especially for those without a proper back up solution.
Eli recently got creative with photoshop.
just subbed...big fan of you ...
I have a better one: NEVER use a machine connected to the Internet for private use. If you absolutely must, use a trusted VPN service.
AUDIO, not loud enough!!!!!!!
video is hanging
Dat thumbnail doe lol
OH MAN I can already see the shitstorm that ensues from people uninstalling programs they don't think they use because they don't know what they are.
Eli, could you do a video on Peer 2 Peer?
i don't know about secunia, when i used it in the past it would say shit is up to date (firefox/thunderbird) even though I had the up to date version ready to install on the outdated version on my system. happened with my android as well. Sorry but I don't trust cloud computing. for work, fine but person?! I'll keep my usb drive thanks. especially in this case where every two seconds places are getting hacked because they don't clog the fuckin holes in their software.
That was a good video.
very informative i know you said it before but still valid thank you
Just came to like for the thumb-nail
Please Mister Eli don't leave RUclips. :-(
... I'm done.... haven't been so happy creating content in years...
Eli the Computer Guy But Mister Eli your videos are really really helpful. I remember the time when I was lost at the vmware's website. I couldn't tell the difference between the paid and free version, and all their terminologies. Your video about introduction to virtualization and esxi allowed me to actually get a basic understanding of virtualization. Furthermore, before watching your video I couldn't even tell the difference between esxi and vsphere. It's small things like these that matter. No on RUclips tells that, I've searched alot. Sure RUclips put a community strike on you, but you are such a good content creator, and your material is so dense that I'll bet you can cram alot of detail even in a really short video. You have a huge following, I belong from Pakistan, to the world this country is at least 1400 years behind. But think about it, even at places like these you have a very fine following, where you least expect them to be. So please it is my humble request to you, on behalf of all of your subscribers that don't leave RUclips. There are alot off people here that really admire your work. Heck! When you announced that you were going to delete your RUclips channel, I downloaded all of your videos, because they were full of knowledge and great insights earned from years of experience, and that's priceless. Lastly, once again I will request that you reconsider your decision of leaving RUclips. You are not bound to anything, not RUclips and not even your own decision. If you decide to come back no one will say anything. Thank you Mister Eli.
Salman from Pakistan.
On Louis' channel - "YOU need a website..."
On this channel - "YOU need a website..."
I'm done.
awesome thumbnail :)
let's use Linux !
Peppermint 8 =)
Watched this video purely because of the thumbnail
Wait..... did he say Pornado????? lol
get a mac or switch to linux. Backup on NAS system Problems solved
Those operating systems still have vulnerabilities, nothings perfect. They may be less targeted as they have a smaller user base, but it's far from problem solved, still got to stay up to date on patches.
i dont understand why people dont like windows10. its better than windows 7 and xp and vista. i understand that windows 10 has alot of tracking software in it but so do all the other operating systems.
I don't know... as far as Windows goes it's fine...
I am one of the people who doesn't like windows 10 that much. I used it for quite some time but are now back to windows 7. Many things in windows 10 are better, I agree but some things are just anoying. My favorite is that they obviously couldn't decide wich settings-manager to use, so they kept both. Most can be done in both of them but some are specific. Also there is no easy way to turn off the things you don't need: to turn off cortana for example you need to change registry entries. I also do not like the start menu wich often doesn't list all the entries it should (I know there are 3rd party apps for this).
I also fond this article "Why Windows 10 sucks or Everything Wrong with Microsoft Windows" wich I think is quite compelling: itvision.altervista.org/why-windows-10-sucks.html
But honestly my biggest problem is that most of my old games don't work anymore. :P
And since I use windows only for gaming and do anything else on Linux (or sometimes Mac) there are no bad feelings about sticking with an outdated Windows OS for now. ;)
Plus I think Kaby Lake u have to use Win10 =)
But eli...
Turn off your PC, end of problem
Horseshit. There are far more vulnerabilities in windows 10 than there ever was in XP.
Micro$oft really shot themselves in the foot when they abandoned XP.
THIS MESSAGE TYPED ON AN XP BOX
???