I wonder if it would be possible to stop running ransomware on a Linux system by detecting mass changes on files. Can watchdog or entr or inotifywait be used to detect bulk file changes and stop what is going on by a ransomware? Here is a discussion regarding file change detection which may help.
Asked
Active
Viewed 420 times
4
-
2This post belongs on http://security.stackexchange.com/ – MariusMatutiae Mar 08 '16 at 02:32