Re: CryptoWall experience?
On 2014-12-22 19:38, Noel Butler wrote:
On 23/12/2014 12:00, jdow wrote:
And ClamAV is better than nothing. Safe browsing is more pertinent. Dual AV
programs also help, but slow the machine down dramatically. Some of the newer
tools that use other levels of analysis from typical AV tools can also
materially help.
I wouldn't say dramatically Jo, clamav is a resource hog though, some commercial
stuff like fprot are very snappy and no noticeable load increases.
Merry Xmas
PS - I upped the size of this msg font just for you :)
I appreciate that. Thanks.
{^_-}
Re: CryptoWall experience?
On 23/12/2014 12:00, jdow wrote: > And ClamAV is better than nothing. Safe browsing is more pertinent. Dual AV > programs also help, but slow the machine down dramatically. Some of the newer > tools that use other levels of analysis from typical AV tools can also > materially help. I wouldn't say dramatically Jo, clamav is a resource hog though, some commercial stuff like fprot are very snappy and no noticeable load increases. Merry Xmas PS - I upped the size of this msg font just for you :)
Re: CryptoWall experience?
SA offers no protection whatsoever for CryptoWall or any other similar malware.
ClamAV is the tool for that if you want "free". SA is only a classifier. The
user's setup or that of the ISP using SA uses that classification to pigeonhole
spam. To the extent that CryptoWall comes in a message that looks like spam
there is some protection, depending on how SA is deployed with secondary tools.
SA itself merely classifies spam.
If the machine has been hit by something like CryptoWall getting anything off of
it is unlikely.
And ClamAV is better than nothing. Safe browsing is more pertinent. Dual AV
programs also help, but slow the machine down dramatically. Some of the newer
tools that use other levels of analysis from typical AV tools can also
materially help.
This is probably the wrong venue for this question.
{^_^} Joanne
On 2014-12-22 16:56, Alex Regan wrote:
Hi all,
I suspect at least one of my customers has been hit with CryptoWall 2.0, and
wondered if anyone had any experience with it, and understand the level of
protection the latest SA provides?
What can I look for either in the mail logs or actual email archives as an
indication of potential issues?
If you're infected, does it automatically mean your hard disk is encrypted and
otherwise useless, or does it affect a system to varying degrees?
Is this even more of a clamav issue? Do you have any knowledge about clamav
patterns?
Thanks,
Alex
CryptoWall experience?
Hi all, I suspect at least one of my customers has been hit with CryptoWall 2.0, and wondered if anyone had any experience with it, and understand the level of protection the latest SA provides? What can I look for either in the mail logs or actual email archives as an indication of potential issues? If you're infected, does it automatically mean your hard disk is encrypted and otherwise useless, or does it affect a system to varying degrees? Is this even more of a clamav issue? Do you have any knowledge about clamav patterns? Thanks, Alex
