So let’s start with a little story. Last Tuesday I was setting up my old Laptop so that I can reach it from the internet therefor I have downloaded an RDP patcher and opened the neccessary port on my router. On Friday morning a ransomware has been put on the laptop with all my files encrypted.
Yes I know I did a lot of things wrong like using the default ports, using an untrusted patcher also my password was not the best (and yes I could have used an other dozen software which are more secure).
Thankfully I had to replace the motherboard a month earlier so there wasn’t that much stuff on it so as soon as I realized I started a factory reset and reverted the router changes.
I hope there is nothing else left on the laptop but still not 100% sure I am safe.
But one thing is still bothering me and I can’t seem to find an answer is connected to encryption itself.
So I have red a couple basic stuff but I can’t find the core things like:
If I use x program to encrypt can an other y program encrypt them again?
The answer is most likely yes but why? If I were to find a program that can lock it with a single encryption what are the core elements to do doing it and so on?
In general if you could point me to an article that has what I need it’s perfect but after spending hours with it none of them is trying to explain in that details.
Last but not least hit me with anything useful for my further testing considering the rdp, router or the encrytion (also I am looking for a great network logging program).
For what purpose do you need to access your PC over the Internet? If it is general access, you could just use Teamviewer. It’s easy to use, and it is free for personal usage. Also you dont need to port forward or change settings in your router. The only requirement is that the PC/Laptop (or even mobile) is online and running Teamviewer. (If you set up an account, you can simply connect to your own devices via password)
If you say “factory reset”, may I ask which windows version you are using? With Windows 10, there is an option called “factory reset” that wipes everything, from all of your disks if you are using more than one (instructions here: (How to Factory Reset Windows | Digital Trends)). Windows 7 does not have a built in option for a reset, try formatting your drives. Incidentally, this is also my tip, if you already have ransomware on the PC you should format all hard drives and hope that there is no rootkit in the bios.
I don’t now if I understand your question corretly, but lemme try:
You want program x to enrypt your stuff and are wondering if program y can encrypt the stuff?
Given that program x and program y are using the same encryption algorithm, you can.
You enrypt your secret files using WinRAR ,AES-CBC as the encryption mode and the output is a .zip file.
You send the .zip file to your friend and you want him to open the file.
He is using 7zip instead of WinRAR, but because he knows you encrypted the file using AES-CBC and he has the encryption key (that is indeed required) he can decrypt the file even if don’t has the same program.
If you really want to learn something about encryption, i can recommend this book.
If you just want you hard drive, your files and everything encrypted, you might consider using Windows 10 and BitLocker (Tip: You only can use Bitlocker if you’re using Win10 Pro or Win7 Ultimate/Enterprise but you can get a key really cheap on Amazon)
If you want to try something about network logging, you could use Wireshark. It really is a great tool but unfortunately not really for beginners.
Yes it’s general access and yes I have considered Teamviewer too but RDP was already on the laptop.
Factory reset: I have an Asus laptop with Win 7 Home. During boot pressing F9 and following the steps will reset it to factory config. Should I just do a clean install (as a student I can get educational Windows OS license for free).
Not really I am thinking of encrypting certain files/folders which can not be encrypted again.
Is there a way to limit how many times can a file be encrypted?
Thank you for the book recommendation
Not planing to encrypt the whole drive.
I will try Wireshark thanks that too.