How to recover files which are encrypted by ransomware [closed] - apache

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
I'm using Windows 7. We have configured a public IP to access our Apache server. After a remote desktop connection via AnyDesk ended, all the files in the system were encrypted with the .deep extension. Every folder contains text files that have an ID, mrdeep#protonmail.com and Bitcoin donation information. The system also already had K7 AntiSecurity (licensed, but about to end), but after the infection K7 automatically vanished. Can anyone help me recover those files and also guide me on how to escape such viruses in future?

It looks like this is a new version of Scarab ransomware. Scarab has a decryption tool developed by Dr. Web. You should try that; it may work for this .deep extension. Or just use anti-malware tools and clean everything. Then maybe Data Recovery Pro will help with data decryption. Keep your anti-virus and anti-malware up to date so you can avoid this nasty virus. These most commonly come from infected spam email attachments, so clean that box more often and scan your system more frequently. Good luck!

Related

Cloud bucket virus security [closed]

Closed 2 years ago.
I have implemented an antivirus system using ClamAV on one of my apps which uses Google cloud storage for uploading files.
Currently what I am doing is, listening to bucket upload, download it on one of my servers, scan it using ClamAV, and deleting it if it was infected.
I am a newbie to this. Is it possible that the whole cloud bucket gets infected by a virus on upload only?
I.e., can a virus execute itself on the bucket (any cloud bucket) itself?
If yes, then please suggest some other solution to solve this issue, as my current solution would be ineffective in this case.

Object storage systems do not provide an execution framework, hence an infected file cannot infect other files in the bucket.

MarkLogic 8, forgot user name I used. What can I do? [closed]

Closed 1 year ago.
I just installed MarkLogic 8 and forgot the user name I used. What can I do?

Since you just installed, if you haven't done anything that would bother you to lose, it might be simplest to blow it away and start again. Uninstall MarkLogic, then remove the data directory (rm -rf /var/opt/MarkLogic on Linux), then reinstall.
Again, this is only if you haven't started loading up data, setting up apps, etc. If you have, go with DALDEI's answer.

If you have physical and legal authority over the system, you can copy off the Forest directories (except security), re-install from scratch, then re-attach the data. Most of the metadata will still be intact, and as long as you have the new admin password you can patch up the parts that are not.
That is if you haven't already customized a complex system - the hardest part to restore will be the objects in the Security database (users, permissions, roles etc.); those will be lost. There are also the group and database configurations - those are not secured in the same way (they are stored in XML files on disk), so if you have OS root access it's likely possible to reconstruct most of the configuration data as well.
If this is a mission-critical system I suggest contacting support; there are some methods for recovery of most of your data if done very carefully and if you have physical access and the data is otherwise unencrypted and accessible.

Can Malware infect a shared server? [closed]

Closed 9 years ago.
Hi there Ladies and Gents
I am asking this question because this weekend has seen me go from a fully haired man to a bald man in less than 24 hours. Google found malware on three sites we are running on a shared server. All the files are HTML or Java. I have done some research and this malware software puts a load of numbers and letters at the bottom of the HTML pages. So, I have cleaned the files off the server, and replaced them with clean files from our own hard drives. But within a few minutes the files are infected again. Then looking at the file, there are no bits of code. So when I go back to Firefox and look again, after clearing the cache the same thing happens again, the red screen! I am just wondering if there could be an infection on the shared server and it could be infecting more than just our three websites?
Sorry it's long-winded - no sleep for 48 hours sorting this out and rebuilding the sites on another server we trust.
Kind regards to all who read this message.
John

Yes, it is possible for malware to infect a whole server.

What are the dangers of a hacked Apache Tomcat server? [closed]

Closed 8 years ago.
If a Tomcat7 (on Ubuntu 12.x) gets hacked (caused by weak username/password) what is the hacker able to do? Of course he can deploy .war archives.
But:
Can he get access to the complete file system?
Can he change tomcat/FTP/ubuntu admin passwords?
Or are there no limits at all?

If you are talking about a weak password for the Tomcat manager application (that you can use to deploy new web applications): Well - can you imagine a web application called "remote file explorer"? Or "remote shell"? Basically, if you can upload code to servers that gets executed, there's almost no limit.
Well, the limit is set by your admins: Java (and with it Tomcat) can run in a sandbox/security manager. I actually don't know many installations that do this. Also, quite a lot of Tomcat installations run as the root user - if you lose control over such an instance, you're toast.
So the question you're asking is: "Is it dangerous when attackers can run arbitrary code on my server?" I hate to reveal this, but the answer is "yes".
As for Tomcat, I feel that the manager application is nice for debugging, but not something you want to deploy on a production system, visible to the world. But that's only a very small part of the hardening process.
Oh, and even though it might not exactly fit in this context, you might want to look at "Java/Tomcat hacked"; I just found this scrolling by - a nice alternative vulnerability to a weak password.
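
An added example (not part of the original answer or of Tomcat itself): a small check of a `tomcat-users.xml` file for manager accounts with guessable passwords, the weakness the question describes. The sample file, the password list and the 12-character threshold are constructed assumptions, and passwords are assumed to be stored in plaintext rather than digested.

```python
import xml.etree.ElementTree as ET

# Roles that grant access to Tomcat's manager / host-manager applications.
PRIVILEGED_ROLES = {"manager-gui", "manager-script", "manager-jmx",
                    "manager-status", "admin-gui", "admin-script"}
# Roles that allow deploying a .war, i.e. running code as the Tomcat user.
DEPLOY_ROLES = {"manager-gui", "manager-script"}
# Constructed sample of guessable passwords; extend with your own list.
COMMON_PASSWORDS = {"tomcat", "admin", "manager", "password", "changeme"}

# Constructed sample file (assumption), not taken from the page.
SAMPLE_USERS_XML = """<tomcat-users>
  <role rolename="manager-gui"/>
  <user username="tomcat" password="tomcat" roles="manager-gui,manager-script"/>
  <user username="deploy" password="x9!Lq2#vT8rWm4zK" roles="manager-script"/>
  <user username="report" password="report" roles="viewer"/>
</tomcat-users>"""


def audit_tomcat_users(xml_text, min_length=12):
    """Return one finding per privileged user whose password is weak."""
    findings = []
    for elem in ET.fromstring(xml_text).iter():
        # Ignore an XML namespace prefix if the file declares one.
        if elem.tag.rsplit("}", 1)[-1] != "user":
            continue
        name = elem.get("username") or ""
        password = elem.get("password") or ""
        roles = {r.strip() for r in (elem.get("roles") or "").split(",")
                 if r.strip()}
        privileged = roles & PRIVILEGED_ROLES
        if not privileged:
            continue  # this account cannot reach the manager applications
        reasons = []
        if password.lower() == name.lower():
            reasons.append("password equals username")
        if password.lower() in COMMON_PASSWORDS:
            reasons.append("common default password")
        if len(password) < min_length:
            reasons.append("shorter than %d characters" % min_length)
        if reasons:
            findings.append({"user": name,
                             "can_deploy": bool(roles & DEPLOY_ROLES),
                             "roles": sorted(privileged),
                             "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in audit_tomcat_users(SAMPLE_USERS_XML):
        print(finding)
```
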

private fileserver [closed]

Closed 8 years ago.
For our company I want to set up a file sharing service such as Dropbox, but on our own servers, for our corporate information.
It must be available only to employees of our company.
Please suggest a software package.

I suggest you try http://owncloud.org/.
That's what we use in my company, and it is quite convenient to sync our working files (similar to what Dropbox does) and to share files as well.

Have a look at arXshare (http://www.arxshare.com). You can install it on any server with PHP, it is easy to set up, it does not require any database, and it is very lightweight. Furthermore, it does end-to-end encryption, so your shared files on the server are useless without your password.