Re: Linux machine hit by ransomware

To: debian-user@lists.debian.org
Subject: Re: Linux machine hit by ransomware
From: Greg Wooledge <greg@wooledge.org>
Date: Thu, 10 Jul 2025 06:57:10 -0400
Message-id: <[🔎] 20250710105710.GD28766@wooledge.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 69be5400-c8d9-4004-aa48-2ad9307f93aa@holgerdanske.com>
References: <[🔎] 764bc306-57ba-4194-ae45-ca1029b37083@shaw.ca> <[🔎] aGs-553V71VZH526@furbag.home.arpa> <[🔎] b1867d56-bdf7-4c9a-9c59-1eda696cbba7@vollmann.ch> <[🔎] aGymUWk1EZabgbtz@tuxteam.de> <[🔎] 55467f88-ad90-4edc-9a64-cf40585f0681@shaw.ca> <[🔎] 225944f6-8801-4af4-b275-ba86e7609f58@holgerdanske.com> <[🔎] d322ecd2-7f80-4dfe-a833-04ab6fa34e23@shaw.ca> <[🔎] 69be5400-c8d9-4004-aa48-2ad9307f93aa@holgerdanske.com>

On Wed, Jul 09, 2025 at 23:23:29 -0700, David Christensen wrote:
> On 7/9/25 22:14, Rick Macdonald wrote:
> > In 30 years I've never seen an isolated network. May I ask how this
> > might be done?
> 
> Assuming an Internet gateway with 4 LAN ports and Wi-Fi, and a server with 1
> LAN port, turn off everything except the gateway, connect the server LAN
> port to a gateway a LAN port (via switches, if needed), and boot the server.
> Add wired hosts by connecting their LAN port to a gateway LAN port (via
> switches, if needed).  Add Wi-Fi hosts by booting them.

An alternative example (with no Wi-Fi):

  * One switch or hub.  Connect to power.
  * Two or more computers.  Connect to the switch/hub, and to power.
  * On each computer, set an appropriate address manually, so they can
    talk to each other.

Use any non-routable IP addressing you like.  192.168.1.* is a common
choice.

As an even simpler example, if you only have *two* computers, you can
connect them directly to each other, without needing a switch/hub.
Back in the olden days (before gigabit ethernet adapters), you would
have needed a special crossover ethernet cable for this.  Now, on modern
devices, you should be able to use a regular ethernet cable.

Reply to:

Follow-Ups:
- Re: Linux machine hit by ransomware
  - From: Joe <joe@jretrading.com>
- Re: Linux machine hit by ransomware
  - From: rickmacd@shaw.ca

References:
- Linux machine hit by ransomware
  - From: Rick Macdonald <rickmacd@shaw.ca>
- Re: Linux machine hit by ransomware
  - From: Karl Vogel <vogelke@pobox.com>
- Re: Linux machine hit by ransomware
  - From: Detlef Vollmann <dv@vollmann.ch>
- Re: Linux machine hit by ransomware
  - From: <tomas@tuxteam.de>
- Re: Linux machine hit by ransomware
  - From: Rick Macdonald <rickmacd@shaw.ca>
- Re: Linux machine hit by ransomware
  - From: David Christensen <dpchrist@holgerdanske.com>
- Re: Linux machine hit by ransomware
  - From: Rick Macdonald <rickmacd@shaw.ca>
- Re: Linux machine hit by ransomware
  - From: David Christensen <dpchrist@holgerdanske.com>

Prev by Date: Re: Where does pure-ftpd store files when anonymous logs in?
Next by Date: SDD partitioning and allocations
Previous by thread: Re: Linux machine hit by ransomware
Next by thread: Re: Linux machine hit by ransomware
Index(es):
- Date
- Thread