On Sat, Dec 11, 2021 at 5:48 AM mj via samba <samba at lists.samba.org> wrote:> > > Op 11-12-2021 om 10:21 schreef Andrea Venturoli via samba: > > Or ransomware protection? > > Like: > > github.com/CanaryTek/ransomware-samba-tools > > > > I've had a look at the latter, although I didn't get to the end yet. > > We are running it, although slightly adjisted to our needs/environment. > > It works as promised, adding yet another layer of protection aganst > ransomware :-) > > MJ >Thanks. I was going to follow this[1] but I'm a little confused about this "Validate that log redirection is activated in the file smb.conf" comment. Is it just a matter of installing and configuring fail2ban or must I "redirect" my log sys to rsyslog? ref. [1] samba.tranquil.it/doc/en/samba_advanced_methods/samba_ad_fail2ban.html
On 12/12/21 04:35, Philippe LeCavalier via samba wrote:> Thanks. I was going to follow this[1] but I'm a little confused about this > "Validate that log redirection is activated in the file smb.conf" comment. > Is it just a matter of installing and configuring fail2ban or must I > "redirect" my log sys to rsyslog?You can tell f2b which file to watch. It needs not be written via syslog. bye av.