Rodder
Posts posted by Rodder
-
-
On 2/1/2024 at 11:58 AM, dark_pyrro said:
What upload volumes are we talking about and are the files known to be large in size? Any sensitive data/information?
Very sensitive in nature - PII. Files are not large, PDF forms.
-
2 minutes ago, digininja said:
So it is to scan the files that have been uploaded rather than to protect the server itself as the files won't actually get executed on the server so wouldn't be able to do it any harm.
Unfortunately I still can't recommend anything as I don't run AV on any of my Linux boxes, but I was just curious about the use case.
I think one of the things you need to watch out for is that whatever you choose has to be generic enough to scan for malware that could affect any OS. Don't pick something that will only detect things that affect Linux boxes.
Thank you for the tip. I will keep looking, want something lite but robust enough to cover all bases. I appreciate you @digininja!
-
The server houses a program where files have to be uploaded and submitted. I didn't want anything nasty sneaking in.
-
Cautious, I will have to share the server address outside of the network.
-
Good morning everyone.
Looking for a good Linux antivirus program that's free for Ubuntu Server. Let me know what you would recommend based on your experiences.
Thanks in advance,
Rodder
-
On 1/15/2024 at 2:30 PM, DramaKing said:
If BitLocker wasn't enabled, a bootable password reset tool should have been all you needed to login as the default administrator.
Again, that program will prevent uninstallation unless you follow the instructions from GitHub.
Thanks @DramaKing, going to attempt a SAM dump and have John the Ripper or something else work the hash out for me. Unfortunately we are working on a limited budget, it's just going to take some time. I'm by no means an IT guy, I'm just trying to clean up a mess and get them back up and running securely.
If you have an alternate idea to a SAM dump let me know.
Thanks again!
-
On 1/10/2024 at 10:44 AM, DramaKing said:
A quick web search shows that Ninja RMM has uninstall prevention. See here: https://github.com/samersultan/Ninja-One-Uninstall-Agent/blob/main/Uninstall-Ninja-One-Agent-From-Workstation.md. As for the server, I know some things about hacking an AD DC, especially with physical access, but it would be a long walkthrough and dependent on the environment.
Thanks for looking into this for me. Unfortunately, it didn't work. The product key is not even found in the uninstall file in the registry. I can see the program in the registry but there is no uninstall. Any additional help here would be appreciated.
As for the server, I had no choice but to offload what data I could, wipe the drives and install Windows Server 2022 with a legit product key. They have about 30 computers here, I can't do that for all of them. So again, any help is greatly appreciated.
-
It's all Windows environment, btw.
-
Just took a job where the previous IT guy did some shady stuff. The usual GitHub licenses and charging for the real deal, but he has software installed, NinjaRMM, that I can't remove despite my many attempts, and he's locked the server down and is not handing over any admin passwords. Is there anything y'all can recommend or point me in the direction of to bypass this? Not sure what to do.
Antivirus Suggestions for Linux Ubuntu Server
in Security
Posted
Thanks again @digininja, I have a call today with the software developer. Going to ask them about this and what other customers use.