Asta pare a fi altul, nu wannacry, e foarte plauzibil ca a avut alt vector de atac (si ca latri la copacul gresit cu fw).
-- P. 2017-05-16 9:36 GMT+03:00 Paul Lacatus (Personal) <p...@paul-lacatus.ro>: > Pentru ca nu cred ca pot atasa poze pe lista mai jos e un link > > https://www.dropbox.com/s/gqndiohj9njuo1p/IMAG0725.jpg?dl=0 > > > On 16-May-17 09:29, Mihai Sari wrote: > > Salutare, > > > > Esti sigur ca este vorba despre wannacry? Poti sa trimiti o caputura de > ecran? > > > > Mihai > > > > Sent from my iPhone > > > >> On 16 May 2017, at 09:22, Paul Lacatus (Personal) <p...@paul-lacatus.ro> > wrote: > >> > >> Vineri m-am ales cu un calculator cu w7 criptat de WannaCry cred. Este > >> un dualboot ubuntu 16.04 si w7. Era in functiune ca testam controllerul > >> de la Unifi si mi-a fost mai simplu cu windows . Ce nu inteleg e cum a > >> luat-o fiind in spatele unui NAT si cu portforwarding pe 22, 10000 > >> pentru cand e sub ubuntu si 3389 sa-l pot opri de la distanta cand uit > >> de el sub W7 > >> > >> Regulile lui de port forwarding > >> > >> rule 10 { > >> description ssh_desktop > >> forward-to { > >> address 192.168.100.30 > >> port 22 > >> } > >> original-port 222# > >> protocol tcp_udp > >> } > >> > >> rule 16 { > >> description webmin_desktop > >> forward-to { > >> address 192.168.100.30 > >> port 10000 > >> } > >> original-port 1000# > >> protocol tcp_udp > >> } > >> > >> > >> rule 17 { > >> description remote_desktop > >> forward-to { > >> address 192.168.100.30 > >> port 3389 > >> } > >> original-port 3389 > >> protocol tcp_udp > >> } > >> > >> din informatiile care circula in media am aflat ca atacul vine pe portul > >> SMB deci 445 TCP sau 137,138,139 UDP care nu erau active . Stie > >> cineva mai multe ? > >> > >> _______________________________________________ > >> RLUG mailing list > >> RLUG@lists.lug.ro > >> http://lists.lug.ro/mailman/listinfo/rlug > > _______________________________________________ > > RLUG mailing list > > RLUG@lists.lug.ro > > http://lists.lug.ro/mailman/listinfo/rlug > > _______________________________________________ > RLUG mailing list > RLUG@lists.lug.ro > http://lists.lug.ro/mailman/listinfo/rlug > _______________________________________________ RLUG mailing list RLUG@lists.lug.ro http://lists.lug.ro/mailman/listinfo/rlug