Le Forum de la Domotique : LMD™ - LMD STore™

espaceur
Ce forum est dedié aux échanges de vos expériences, suggestions, découvertes et tous les sujets qui font avancer ce monde de la "Domotique" et de "l'habitat communicant". Pour toute suggestion d'un nouveau thème ou sujet de discussion, merci de bien vouloir contacter le Webmaster.
Membre d'honneur
Les membres d'honneur
espaceur
flèche Le saviez-vous ? la petite enveloppe en face du nom d'un participant permet de lui adresser un message privé ? (Réservé aux membres du club enregistrés sur le site)
Envelope
flèche En vous rendant sur votre compte Club LMD™, (Options "Forum"), vous pouvez modifier l'affichage de votre pseudonyme et que vous soyez "Membre du club" et/ou "Membre d'honneur", (Identifiez-vous en tête de page), vous pouvez changer également votre logo, appelé "avatar" :
espaceur
espaceur
Rechercher :

Forum : Technique : Astuces, expériences, recherches, etc.
Le VDI (Voix-Données-Images)
jackwilson



Proposé par Message
Pages :1
Envoyer un message privé à jack.wilson@l0real.net jack.wilson@l0real.net
jack.wilson@l0real.net
(1 message)
Publié le 04-07-2018 09:55
Hi,

Ok we are a VDI shop running Vmware view 6.0 on ESXi 5.5. We have about 110 desktops running mostly Windows 8 with some running XP till I get a chance to move them to 8. We are not running linked clones they are all Full desktops assigned to each use.
We got hit by cryptowall 3.0 twice now... backups worked and the 2nd time we used previous file versions inside windows 2012 on our file server.
In the VDI space we are all told to run the antivirus appliance from Vendor X in our Sophos. And not to even install the agents or run the virus scanner resident in the users computer.
In both cases the user went to a website that was exploited and the user got Cryptowall, I think it just ran on the users computer so nothing was downloaded just ran and stayed in memory and started to encrypt local files then moved on to the mapped drives and also started to encrypt files. Even though we have active antivirus running on the file server. I assume the Sophos could not really tell the files being encrypted was malicious it could of just been an end user encrypting files...
We are using a Dell Sonicwall 5000 which also did not detect the http stream and looking at the website I dont think anything was being sent over HTTPS.
What is the solution to this mess???? Seems like we need to be running AV on the desktops just like old times to prevent this type of attack or are we all suffering from this issue?

Please help.

I didn't find the right solution from the Internet.

References:-
https://arstechnica.com/civis/viewtopic.php?f=21&t=1291469
[url=https://jobs.vidzzy.com/hire-motion-infographics-animation-company/]Motion Infographic Animation Company[/url]

Thanks!

Pages :1




 MERCATOS Forum - © 2003 NTIC Edition-2016


Nos certifications : XML  SSL  Valid CSS!  RSS 2.0 RSS Validated -