Open riahc3 opened 4 years ago
One thing that you should never let anyone suggest to you is files that should be excluded...unless you really trust them. You don't want a black hat talking you into allowing something that they want.
That being said, there are several files under your Windows install directory that can probably be ignored. rat files etc.
It really has to be tailored to your specific servers, not your organization. You don't need many exclusions on a domain controller but you may have to make some concessions on a general file server.
Sorry for the plug, but: https://github.com/SparkyzCodez/FSRM-Anti-ransomware
I have a sample JSON file with basic exclusions in my project that would give you a good starting point. There's also a tool that will generate a list of ALL matching file on your entire system. Then YOU can decide what what you need to exclude.
Hello
I was wondering that besides excluding extensions, would it be possible to include a list to exclude certain files and folders?
Also something freeform, so to speak would be nice, such as:
hello.txt (ignores any file named hello.txt) C:\files\hello.txt (ignores ONLY the file hello.txt located at C:\files\ ) files\ (ignores any folder named files, along with its contents) C:\files\ (ignores ONLY the folder files located at C:\, along with its contents)
Thanks