How to protect our system through Ransomware ?

 

Protecting your system against ransomware requires a multi-layered approach that combines preventive measures, regular backups, and proactive security practices. Here are some steps you can take to protect your system:

 
1.    Keep your software up to date: Regularly update your operating system, antivirus software, web browsers, and other applications. Software updates often include security patches that address known vulnerabilities.
 
2.    Use robust antivirus and anti-malware software: Install reputable antivirus and anti-malware programs and keep them updated. Enable automatic scanning and real-time protection features to detect and block malicious software.
 
3.    Exercise caution with email attachments and links: Be cautious when opening email attachments or clicking on links, especially if they come from unknown or suspicious sources. Avoid downloading or executing any files unless you're confident in their safety.
 
4.    Be mindful of downloads: Only download files and software from trusted sources. Verify the reputation of the website and the authenticity of the file before downloading or installing it.
 
5.    Enable firewall protection: Use a firewall to monitor and control incoming and outgoing network traffic. A properly configured firewall can help block unauthorized access and limit the spread of malware.
 
6.    Implement strong and unique passwords: Use strong, complex passwords for all your accounts, including your operating system, email, and other software. Avoid using easily guessable passwords and consider using a password manager to securely store your credentials.
 
7.    Employ two-factor authentication (2FA): Enable two-factor authentication wherever possible. This adds an extra layer of security by requiring a second form of verification, such as a unique code sent to your mobile device, in addition to your password.
 
8.    Regularly back up your data: Create regular backups of your important files and verify that they can be successfully restored. Store the backups in a separate location, offline or in the cloud, to prevent ransomware from encrypting them.
 
9.    Limit user privileges: Restrict administrative privileges to only those who require them. Standard user accounts have limited access, reducing the impact if an account gets compromised.
 
10.  Educate and raise awareness: Train yourself and your employees about the risks of ransomware and the best practices for preventing infections. Teach them to be cautious of suspicious emails, attachments, and links, and to report any potential threats immediately.
 
11.  Consider security software specifically designed for ransomware protection: Some security solutions offer specialized features to detect and block ransomware behaviour, such as file encryption. Research and evaluate reputable security software that focuses on ransomware protection.
 
12.  Stay informed: Keep up with the latest news and developments related to ransomware attacks and prevention techniques. This awareness will help you adapt your security practices accordingly.
 

     Remember, while these measures can significantly reduce the risk of a ransomware attack, no solution is foolproof. Regularly review and update your security practices to stay ahead of evolving threats.

  SSL CONFIGURATION FOR APACHE USING OPENSSL

1.      Open command prompt (As Administrator) and change directory to “C:\Apache24\bin”

                          

2.      Type openssl.exe and press enter.

3.      Generate Private Key 

Type - genrsa -out Private.key 2048   - Press Enter

4.      Generate CSR

              Step 1 Type the following command and press enter

                 req -new -key private.key -out Domain.csr -config C:\Apache24\conf\openssl.cnf

            

           Step 2 Then specify Country Name , State or Province , Locality or City, Company ,    

                            Organizational Unit, Common Name (host+domain name).                                                                   

               Leave Challenge password and optional company name empty by pressing Return key.

          5. Once CSR file is generated, proceed to enrolment from CA to get SSL certificate.

          6.  Download SSL certificate and extract it's content into C:\Apache24\bin folder.

         7. Edit C:\Apache24\conf\httpd.conf in Notepad and remove # preceding following lines:

·         LoadModule ssl_module modules/mod_ssl.so

·         LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

·         Include conf/extra/httpd-ssl.conf

       8. Open up c:\Apache24\conf\extra\httpd-ssl.conf  in Notepad to make changes.

                STEP 1 Give file path for SSL certificate (.crt file) provided by CA.

                

                STEP 2 Give file path for private key which you generated in Step 3.

                STEP 3 Give file path for CA-bundle provided by CA in Certification Authority.

          9. After doing all the steps restart Apache service.

                                                           

       10. Open browser to check whether URL is secured using HTTPS or not.

       

Allowing Remote Desktop

1.     Open Server Manager. By default Server Manager will open when you log in to the GUI, otherwise you can select it from the task bar.

2.     Within the Server Manager window, select Local Server from the left hand side. You may need to wait a little for it to detect the current state of your system. You should see that Remote Desktop is listed as Disabled as shown below.

3.     Click on the Disabled text which will open the System Properties window in the Remote tab.

4.     From the System Properties window, select “Allow remote connections to this Computer” as shown below.

Tip: You can also open the System Properties window shown above by entering “SystemPropertiesRemote” into a Command Prompt or PowerShell terminal.

5.     Once you select “Allow remote connections to this computer” the below warning message will appear, advising that this will create the required firewall rules in Windows firewall to allow remote desktop traffic in from any source address, select OK to proceed.

6.     At this point you can optionally click the “Select Users…” button to define specific users or groups that have permission to connect via remote desktop. Select the OK button to close out of the System Properties window and enable remote desktop.

7.     Back in Server Manager, Remote Desktop may still show as Disabled until you refresh the view. After clicking the refresh button as highlighted below, the status should update to Enabled.

That’s it, remote desktop should now be ready to use!

Redirect HTTP to HTTPS automatically

Windows & Plesk Server

Windows-based accounts use web.config files to handle redirection.

Using the following code in your web.config file automatically redirects visitors to the HTTPS version of your site:

           Copy the following code in Web.config file under the “SYSTEM.WEBSERVER” section.

<rewrite>

    <rules>

        <rule name="HTTP to HTTPS redirect" stopProcessing="true">

        <match url="(.*)" />

        <conditions>

               <add input="{HTTPS}" pattern="off" ignoreCase="true" />

        </conditions>

        <action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" />

</rule>  

    </rules>

</rewrite>

2.       Save the web.config file and upload in Website root folder.

If you have an existing web.config file:

• Ensure you have sections (i.e. opening and closing tags) for:
• system.webServer (which contains rewrite)
• rewrite (which contains rules)
• rules (which contains one or more rule sections)

Insert any of those sections that do not exist.

• Insert the entire rule section, including match, conditions, and action, inside the rules section.

 Note: You're inserting the rule (without an 's') inside the rules (with an 's') section.

Change Default RDP Port

Change Default RDP Port

Follow the steps below to configure the change RDP Port for Windows Server 2012 & Windows Server 2016 and Server 2019

1. Right Click on Start Menu → Click on Run Tab

2. Type regedit → Click on Ok Button

3. Locate and then click the following registry subkey:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber

4. Double click on Portnumber and Click On the Edit menu, click Modify, and then click Decimal.

5. Type the new port number 3437, and then click OK.

6. Click OK

7. Quit Registry Editor.

8. Restart the computer.

Note When you try to connect to this computer by using the Remote Desktop connection, you must type the new port. Maybe you have to set the firewall to allow the new port number before you connect to this computer by using the Remote Desktop connection.

*7 Biggest brain damaging habits*

1: Missing breakfast
2: Sleeping late
3: High sugar consumption
4: More sleeping specially in the morning
5: Eating meal while watching TV or computer
6: Wearing Cap/scarf or socks while sleeping
7: Habit of blocking/Stopping Urine

Free Tool for Comparison between 2 Files or Folders

WinMerge 2.14

WinMerge is an Open Source differencing and merging tool for Windows. WinMerge can compare both folders and files, presenting differences in a visual text format that is easy to understand and handle.

Free Download link - http://winmerge.org/downloads/