>>> "JC" == Juergen Christoffel writes:
> On Fri, Aug 05, 2022 at 05:45:53PM +0200, Uwe Brauer via Gnupg-users wrote:
>> 1. just for the first very rough analysis what is a convenient command to
>> get a list of files that have high entropy?
> The first step might be to install tripwire and
This whole thread is a bit, well cause to ponder ..., and beef a little ...
On Fri, Aug 5, 2022 at 2:40 AM Uwe Brauer via Gnupg-users
wrote:
>
> Hi
>
> I apologize for this message that can be a bit off topic.
> (I am on Ubuntu 16.04)
(Running off to see how much longer that's going to be
On 2022-08-09 22:23, Ángel wrote:
> On 2022-08-04 at 18:58 +0200, Uwe Brauer wrote:
> >
> > Hi
> >
> > So is there any other way to run find and some other script to find
> > suspicious files? Google is not really helpful
> >
> > Regards
> >
> > Uwe Brauer
>
> If you suffer a ransomware
On 2022-08-04 at 18:58 +0200, Uwe Brauer wrote:
>
> Hi
>
> So is there any other way to run find and some other script to find
> suspicious files? Google is not really helpful
>
> Regards
>
> Uwe Brauer
If you suffer a ransomware attack I would say your problem won't be
*noticing* that. If
On Fri, Aug 05, 2022 at 05:45:53PM +0200, Uwe Brauer via Gnupg-users wrote:
1. just for the first very rough analysis what is a convenient command to
get a list of files that have high entropy?
The first step might be to install tripwire and only check files, which
tripwire reports as
>>> "RJHvG" == Robert J Hansen via Gnupg-users writes:
>> 3. I could use the ent command which measure the entropy, high
>> entropy is an indication of encryption (but jpg have also high
>> entropy). However I should then study the distribution of each
>> letter to be sure.
> A JPEG *body* has
On Thu, 2022-08-04 at 18:58 +0200, Uwe Brauer via Gnupg-users wrote:
> How can I find say encrypted files in my home directory?
What an interesting exercise! Got me thinking. I'm a total crypto
ignoramus, so take all this with a grain of salt...
I don't think there is any truly reliable way, but
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Thu, 4 Aug 2022, Jan Eden via Gnupg-users wrote:
Hi,
I just check for a list of ransomware filename patterns (e.g.
*.cryptotorlocker*).
Best regards,
Jan
On 2022-08-04 18:58, Uwe Brauer via Gnupg-users wrote:
Hi
I apologize for this
3. I could use the ent command which measure the entropy, high
entropy is an indication of encryption (but jpg have also high
entropy). However I should then study the distribution of each
letter to be sure.
A JPEG *body* has high entropy. The JPEG *header* has
Hi,
I just check for a list of ransomware filename patterns (e.g.
*.cryptotorlocker*).
Best regards,
Jan
On 2022-08-04 18:58, Uwe Brauer via Gnupg-users wrote:
>
>
> Hi
>
> I apologize for this message that can be a bit off topic.
> (I am on Ubuntu 16.04)
>
> How can I find say encrypted
Hi
I apologize for this message that can be a bit off topic.
(I am on Ubuntu 16.04)
How can I find say encrypted files in my home directory? The idea is to
use some magic command together with the find command.
I know
1. The file command will return for example for a gpg encrypted file
11 matches
Mail list logo