_vOv_·hace 2 meses·discussIf they can restore from backups, then there’s no need to pay the ransom in the first place… Ransomware is designed to silently corrupt your backups.
_vOv_·hace 3 años·discuss>And don't forget you're using some of those precious CPU cycles to parse the auth logs, with python no less :-)You can ship the log somewhere else, do the fail2ban there and perform the block action in another place up the stack.
_vOv_·hace 3 años·discussIt's called PXE boot.You need a server to host the ISO (via http/ftp/tftp or whatever you prefer) and a DHCP server that will distribute the ISO URI to the client.Configure the client to boot from the network in the bios and put it in the same LAN as the dhcp server.That's the gist of it.