Page 79 - Cyber Warnings
P. 79
Disable Remote Desktop
In case you are not working with Remote Desktop, then there is basically no reason to have
it enabled. If you do use it regularly, you can change the default port from 3389 to something
different.
Create software restriction policies
Software Restriction Policies are procedures that permit you to set up numerous rules
that limit the number of folders an executable file can be launched from. You can do it manually
or let it go on autopilot with programs like CryptoPrevent.
Use application whitelisting
Whitelisting is when you set Windows to allow only particular software to execute.
This blocks all non-listed by you software from running. The issue, though, is that it requires a
lot of efforts to setup it correctly. In case you wish to try it out, there exist several guides for
Windows 7 and Windows 10.
Bottom line
Even if it may look like this is a big list with plenty of steps, many of them ask you to just slightly
adjust your security routines or do a job once and forget about it. As long as you stick to these
tips, you are going to be protected from not only ransomware by many other computer
infections.
About the Author
David Balaban is a computer security researcher with over 15 years of
experience in malware analysis and antivirus software evaluation. David
runs the Privacy-PC.com project which presents expert opinions on the
contemporary information security matters, including social engineering,
penetration testing, threat intelligence, online privacy and white hat hacking.
As part of his work at Privacy-PC, Mr. Balaban has interviewed such security
celebrities as Dave Kennedy, Jay Jacobs and Robert David Steele to get
firsthand perspectives on hot InfoSec issues. David has a strong malware troubleshooting
background, with the recent focus on ransomware countermeasures.
79 Cyber Warnings E-Magazine February 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
