search for: wannacri

Hello, Up till today I have only heard that it affects Windows clients and Servers. However I received this today that sparked my question https://ics-cert.us-cert.gov/sites/default/files/FactSheets/ICS-CERT_FactSheet_WannaCry_Ransomware.pdf This suggests blocking port 445 for Samba specifically. First wouldn't blocking port 445 break all file and printer sharing functionality?

On 2017-05-18 14:11, lingpanda101 via samba wrote: > Hello, > > Up till today I have only heard that it affects Windows clients and > Servers. However I received this today that sparked my question > > https://ics-cert.us-cert.gov/sites/default/files/FactSheets/ICS-CERT_FactSheet_WannaCry_Ransomware.pdf > > > This suggests blocking port 445 for Samba

Hi, we have updated our samba AD domain from 4.4.x to 4.5.x. The release notes for 4.5.0 included  "NTLMv1 authentication disabled by default". So we had to enable it to get our radius (freeradius) server working (for 802.1x). What would be the best way to change the freeradius configuration in such a way, that we can disable NTLMv1 again. The radius server is used for WLAN

On 09/30/2017 12:58 AM, Rowland Penny via samba wrote: > I understand that you have to use XP, but you don't have to use NTLM, > haven't you heard of 'wanacry' ? > Go here and read it:http://www.imss.caltech.edu/node/396 WannaCry did not infect XP or for that matter, Windows Nein, oops, Ten. Doesn't mean it couldn't if altered to do so: Reference:

On 10/01/2017 10:03 PM, Reindl Harald (mobile) via samba wrote: > > Am 02.10.2017 um 06:35 schrieb ToddAndMargo via samba: >> M$'s patches/updates can be miserable and cause all kinds >> of havoc.  It is a judgment call on when and how to install >> M$'s patches/updates.  It is best to make sure you have a good >> anti-virus updated and running.  Your AV is

On 06/28/2017 07:13 AM, L.P.H. van Belle via samba wrote: > IMO, > > First secure your entry points.. Mail webserver and proxy and the exit points. ( your users environment in my case windows 7/10 desktops.) > > Im waiting until trevor has the antivirus vfs is ready for samba 4. > @David Disseldrop, you know the status about that, since it was you call to get it in samba. ;-)

On 10/03/2017 05:57 AM, Gaiseric Vandal via samba wrote: > How old is the scanner ?   Did you check for a firmware update for > it?    NTLM has been around for so long that it is hard to imagine > anything that has to have LANMAN support. I called Xerox tech support and their answer was it was out of support. It is probably seven years old. It was an expensive scanner, not one of

It is an issue that I myself would also like to solve. I found multiple threads in samba and freeradius mailing lists. It seems that every couple of months there is question like this either here on FR mailing list and all point down to the same issue, that is: freeradius uses ntlm_auth (even when using winbind with newer freeradius versions, it also in the end uses ntlm_auth). And since

Hello experts/users, We have a samba server in ubuntu 18.04 LTS with version. apt-cache policy samba samba: Installed: 2:4.7.6+dfsg~ubuntu-0ubuntu2.16 Candidate: 2:4.7.6+dfsg~ubuntu-0ubuntu2.16 All is fine and great. Except one (internet disabled) windows 7 professional PC (sorry we still need to run it for a scientific tool) cannot connect unless I put "ntlm auth = yes" in

On Thu, July 20, 2017 8:07 am, Peter Larsen wrote: > On 07/16/2017 12:30 PM, Andreas Benzler wrote: >> - The firewall is placed in front of the cluster. >> - After you have found a safe base for this, you freeze it. > > Sorry, but this statement really urks me in a wrong way. Why do you > think a firewall is the ONLY part that needs to be provide security? > That's

IMO, First secure your entry points.. Mail webserver and proxy and the exit points. ( your users environment in my case windows 7/10 desktops.) Im waiting until trevor has the antivirus vfs is ready for samba 4. @David Disseldrop, you know the status about that, since it was you call to get it in samba. ;-) (https://github.com/fumiyas/samba-virusfilter/issues/23) I've seen good work but

Hi all, Just out of curiosity: is there anything we can do, on the samba side, to counter the recent ransomware attacks? (or limit the damage done) I'm thinking like: limit the number of files per second a client (workstation) is allowed to edit, or some other smart tricks..? It would be nice if samba could be an extra layer of defense. Something perhaps a vfs module could help with..?

Halo Valeri, let's think about what a hpc cluster is for. Second, one should always ask the question where security is to be applied,then one can come to the following decision: - The firewall is placed in front of the cluster. - After you have found a safe base for this, you freeze it. - We have a rsync of centos and epel on the head node. >From here, we can always reinstall a node

Hello, My Samba has been working well until I recently run Windows update for DC. I got the error message below on my client (Windows 8.1 Enterprise Evaluation OS) when accessing the Samba shares. " *\\pinnacle** is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.* " I can

On 07/16/2017 12:30 PM, Andreas Benzler wrote: > - The firewall is placed in front of the cluster. > - After you have found a safe base for this, you freeze it. Sorry, but this statement really urks me in a wrong way. Why do you think a firewall is the ONLY part that needs to be provide security? That's the way I read this statement - that it doesn't matter anywhere else. In

Am 02.10.2017 um 07:25 schrieb ToddAndMargo via samba: > On 10/01/2017 10:03 PM, Reindl Harald (mobile) via samba wrote: >> sorry but to say it clear: to think a anti-virus can replace a solid >> operating system is a naive and dangerous attitude >> > > Uhhh,   Why do you not look at infections rates instead of > marketing FUD.  WannaCry did not even touch XP. so

On 25/06/2020 16:56, Greg Marshall via samba wrote: > Hello experts/users, > > We have a samba server in ubuntu 18.04 LTS with version. > > apt-cache policy samba > samba: > Installed: 2:4.7.6+dfsg~ubuntu-0ubuntu2.16 > Candidate: 2:4.7.6+dfsg~ubuntu-0ubuntu2.16 > > All is fine and great. Except one (internet disabled) windows 7 > professional PC (sorry we

On 10/02/2017 12:32 AM, Reindl Harald via samba wrote: > > > Am 02.10.2017 um 07:25 schrieb ToddAndMargo via samba: >> On 10/01/2017 10:03 PM, Reindl Harald (mobile) via samba wrote: >>> sorry but to say it clear: to think a anti-virus can replace a solid >>> operating system is a naive and dangerous attitude >>> >> >> Uhhh,   Why do you not

The auto enrollment messages seems to be indicate that the client machine thinks it is connecting to an AD domain. The profile messages is indicative of a domain membership problem, whether or not you are using roaming profiles. Workgroup method is probably simplest-  although my past experience was that even at 5 machines managing multiple users on multiple machines gets tricky.     In

My guess Samba 3.6 (smb v1) Windows 8.1 after update, disabled smb v1 probely. ( wannacry crypto leak) Dont know for sure but that was ms its advice also. I think its time to update your samba. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > albert samba via samba > Verzonden: woensdag 24 mei 2017 20:13 >