Windows Service to monitor drive c: for file events with crypto specific file extensions or with big file entropy.
It does not prevent from ransomware infection!
Don't use it in productive environments to prevent data loss! The Software comes without any warranty.
When a alarm is triggerd it send a email and shutdown the host or disable the network interfaces.
The alarm can be triggerd if locky extensions were found. Or if files were probably encrypted (big file entropy level). Or if a file event counter exceeds the allowed number of events in a certain periode of Time. Or if the the file extension does not represent a valid file because it has been encrypted.
c# source is included in the zip file
It uses the FileSystemMonitor class.
The Project is inactive because the software cant prevent against an infection.
License
GNU General Public License version 2.0 (GPLv2)
Define and Deliver Comprehensive Cybersecurity Services. Security threats continue to grow, and your clients are most likely at risk. Small- to medium-sized businesses (SMBs) are targeted by 64% of all cyberattacks, and 62% of them admit lacking in-house expertise to deal with security issues. Now technology solution providers (TSPs) are a prime target. Enter ConnectWise Cybersecurity Management (formerly ConnectWise Fortify) — the advanced cybersecurity solution you need to deliver the managed detection and response protection your clients require. Whether you’re talking to prospects or clients, we provide you with the right insights and data to support your cybersecurity conversation. From client-facing reports to technical guidance, we reduce the noise by guiding you through what’s really needed to demonstrate the value of enhanced strategy.
User Ratings
ease
1 of 5
2 of 5
3 of 5
4 of 5
5 of 5
0 / 5
features
1 of 5
2 of 5
3 of 5
4 of 5
5 of 5
0 / 5
design
1 of 5
2 of 5
3 of 5
4 of 5
5 of 5
0 / 5
support
1 of 5
2 of 5
3 of 5
4 of 5
5 of 5
0 / 5
Additional Project Details
Intended Audience
System Administrators, Developers