Issue/Introduction:
The follow steps will assist in harding the proxy to protect your network against ransomware.
It is not necessary to execute all steps but the more of these policies that are implemented the more secure your enviroment will be.
Resolution:
- ​Block or limit FTP access
- Block known bad categories
- File Storage/Sharing
- Malicious Outbound Data/Botnets
- Malicious Sources/Malnets
- Peer-to-Peer (P2P)
- Phishing
- Piracy/Copyright Concerns
- Potentially Unwanted Software
- Proxy Avoidance
- Uncategorized
- none
- Create policy to block top level domains known to host ransomware
The top level domains listed here belong to regions known to be active in the spread of ransomware or regions that have limited laws against hacking and the hosting of malicious content. This is by no means an all inclusive list. More top level domains can be added to the policy as deemed necessary.
- es Spain
- cn China
- ru Russia
- io British Territories in the indian ocean
- tk Part of New Zealand