search for: cryptolock

For a CryptoLocker infection to be successful, a few things must be occur including: 1) No backup 2) Many files need to be encrypted Has anyone developed a Samba plugin to prevent successful CryptoLocker infections by shutting down Samba when an unusual number of data files are modified by a specific workstati...

Hi, Can anyone reassure that files & folders made available to windows via vfs shadow_copy2 cannot be modified in any way? My NAS backups are stored on an iscsi target formatted with ext4 & I'm concerned that they could be tampered with by a virus such as Cryptolocker. Thanks

...o this one. We have a Windows network with ~25 sites. Each site has a local Windows DC. Each site has a Debian 8.5 box running Samba 4.2.10-Debian. We decided to test moving shares from the Windows Server to the local Debian machine. (zfs snapshot is *really* handy when someone decides to open cryptolocker). File sharing has been working perfectly for about 6 months with one exception. Occasionally (for no reason I can find), winbind 'forgets' a handful of users. If I run 'wbinfo -i <a working user>' I get their name, home directory, shell, etc... If I run it against a non...

Am 20.04.2015 um 00:24 schrieb Andrey Repin: > First, I don't see "guest ok = yes" on your share. > Second, try with "map to guest = bad user", if you don't want to fix the link > to your domain proper. And probably you must also make sure that the user specified at "map to guest" actually exists, and has read permission in the shared directory.

...isable macros, vbs.. Aka all scripting you can disable. If a user needs it, open only that for that user ( but use groups to setup ) Most users open documentes from within browsers or mail apps, protect these locations. article here : http://www.computerworld.com/article/2485214/microsoft-windows/cryptolocker-how-to-avoid-getting-infected-and-what-to-do-if-you-are.html Set you antvirus heuristic scanning to high, yes you lose a bit speed, but you choose what you want. Security or extra work later.. And user may NEVER EVER work with Administrative rights. Supporting a home user, setup, explain, and t...

Hi all, Just out of curiosity: is there anything we can do, on the samba side, to counter the recent ransomware attacks? (or limit the damage done) I'm thinking like: limit the number of files per second a client (workstation) is allowed to edit, or some other smart tricks..? It would be nice if samba could be an extra layer of defense. Something perhaps a vfs module could help with..?

...vbs.. Aka all scripting you can disable. > If a user needs it, open only that for that user ( but use groups to setup ) > Most users open documentes from within browsers or mail apps, protect these locations. > article here : http://www.computerworld.com/article/2485214/microsoft-windows/cryptolocker-how-to-avoid-getting-infected-and-what-to-do-if-you-are.html > Set you antvirus heuristic scanning to high, yes you lose a bit speed, but you choose what you want. Security or extra work later.. > And user may NEVER EVER work with Administrative rights. > Supporting a home user, setup,...

I just noticed that my fresh install of Samba 4.2.3 has the same behaviour. I have a share (\\samba\it_share)) and some users when creating files have the UID as 3000000 and some have their correct UIDs. Share permissons are being controlled by Windows ACLs. On Wed, Aug 19, 2015 at 1:58 PM, Mark Foley <mfoley at novatec-inc.com> wrote: > More information, > > It appears I've

I have a Samba server here with 4 users and 4 XP systems. Kind of small, but it does the job. It is running as a PDC with roaming profiles. I should note that I left professionally supporting Windows networking around the time XP came out, so I have maintained an NTDomain through a number of incarnations (NT, Win2000, Samba2/3) and use of someone elses packaging. This time I want to use

Hello, Thanks for quick reply. File server config looks exactly like this, except more shares, all with same simple config. I know that "use defualt domain" isn't necessery, but it's not the issue for me right now. [global]        netbios name = VS-FILES        security = ADS        workgroup = MYDOMAIN        realm = MYDOMAIN.COM        log file = /var/log/samba/%m.log