Displaying 20 results from an estimated 1400 matches similar to: "ransomware etc"
2017 Jun 28
0
ransomware etc
IMO,
First secure your entry points.. Mail webserver and proxy and the exit points. ( your users environment in my case windows 7/10 desktops.)
Im waiting until trevor has the antivirus vfs is ready for samba 4.
@David Disseldrop, you know the status about that, since it was you call to get it in samba. ;-)
(https://github.com/fumiyas/samba-virusfilter/issues/23)
I've seen good work but
2017 Jun 29
1
ransomware etc (referencing in part Samba-virusfilter)
On 06/28/2017 07:13 AM, L.P.H. van Belle via samba wrote:
> IMO,
>
> First secure your entry points.. Mail webserver and proxy and the exit points. ( your users environment in my case windows 7/10 desktops.)
>
> Im waiting until trevor has the antivirus vfs is ready for samba 4.
> @David Disseldrop, you know the status about that, since it was you call to get it in samba. ;-)
2017 May 15
1
wanna cry ransomware patch for samba-4.5.5
Hai,
Not really a question for samba technical, but i can share this.
No need for setting things on samba, that wont help a lot.
Below is my setup and its just how you configure your pc's.
This and almost all other "malware" is EASY to block, but it wil have impact on how your work.
First, start with NEVER work/run as user with administrator rights.
If one needs it, then not
2012 Mar 12
3
postfix and spam, I am impressed
I have had the same email address since 1997 (when microsoft stole
bob.com from me thanks to network solutions...)
In the early days I of course was free with my email and used it everwhere.
Fast forward to 2012, some 15 years later.
woof..the amount of spam sent to me has always just kept getting worse
and worse.
On my centos 5 server I just used sendmail with spamassassin and it
killed a
2010 Oct 20
8
anti-spam+anti-malware suggestions
Hello people,
I am using now qmail in cluster with LDAP + Interscan Messaging Security
Suite from Trendmicro.
I need to develop a new solution with:
- postfix
- dovecot
- anti-spam
- anti-malware.
I am thankful any help or suggestion for anti-spam and anti-malware.
Thanks in advance!
--
:) cumprimentos
----------------------
Jos? Lu?s Faria
Network Eng./Administrador de
2010 May 21
1
question about scripts sieves
hello list
hello dovecot network
hello all the reader
here is a sieve script
this
########################################
require
["fileinto","regex","comparator-i;ascii-numeric","reject","relational"];
# rule:[spammanage]
if header :value "ge" :comparator "i;ascii-numeric" ["X-Spam-score"]
["500"] {
2017 Jun 28
2
ransomware etc
On Wed, Jun 28, 2017 at 8:42 AM, David Disseldorp via samba
<samba at lists.samba.org> wrote:
> Hi,
>
> On Wed, 28 Jun 2017 11:08:11 +0200, mj via samba wrote:
>
>> Hi all,
>>
>> Just out of curiosity: is there anything we can do, on the samba side,
>> to counter the recent ransomware attacks? (or limit the damage done)
>>
>> I'm thinking
2016 Dec 18
6
[PATCH v3 0/6] Feature: Yara file scanning
v3:
- allow to load multiple rule files
- added optional namespace parameter to yara_load
- move destructor logic in yara module
- use generic file upload logic
- use generic temporary path function
Matteo Cafasso (6):
appliance: add yara dependency
New API: yara_load
New API: yara_destroy
New API: internal_yara_scan
New API: yara_scan
yara_scan: added API tests
2016 Nov 09
9
[PATCH v2 0/6] Feature: Yara file scanning
v2:
- Fix yara dependency in packagelist
- Use pkg-config where available
- Improve longdesc of yara_load API
- Fix libyara initialization and finalization
- Import CLEANUP_FCLOSE
- Add custom CLEANUP_DESTROY_YARA_COMPILER
- Add rules compilation error callback
- Other small fixes according to comments
Matteo Cafasso (6):
appliance: add yara dependency
New API: yara_load
New API:
2016 Nov 02
8
[PATCH 0/6] Feature: Yara file scanning
Yara is a rule based scanning engine aimed to help malware analysts in finding and classifying interesting samples.
https://github.com/VirusTotal/yara
This series adds Yara support to Libguestfs allowing to upload sets of rules and scanning files against them.
Currently provided APIs:
- yara_load: loads a set of rules
- yara_destroy: free resources allocated by loaded rules
- yara_scan:
2017 Feb 19
9
[PATCH v3 0/7] Feature: Yara file scanning
Rebase patches on top of 1.35.25.
No changes since last series.
Matteo Cafasso (7):
daemon: expose file upload logic
appliance: add yara dependency
New API: yara_load
New API: yara_destroy
New API: internal_yara_scan
New API: yara_scan
yara_scan: added API tests
appliance/packagelist.in | 4 +
configure.ac | 1 +
daemon/Makefile.am
2017 Apr 25
8
[PATCH v9 0/7] Feature: Yara file scanning
v9:
- fixes according to comments
Matteo Cafasso (7):
daemon: expose file upload logic
appliance: add yara dependency
New API: yara_load
New API: yara_destroy
New API: internal_yara_scan
New API: yara_scan
yara_scan: added API tests
appliance/packagelist.in | 4 +
configure.ac | 1 +
daemon/Makefile.am | 4 +-
2017 Apr 06
14
[PATCH v6 0/7] Feature: Yara file scanning
v6:
- use new test functions
- fix yara_detection struct field names
- revert yara_load function to initial version
With Pino we were exploring the idea of allowing Users to load multiple
rule files with subsequent calls to yara_load API.
https://www.redhat.com/archives/libguestfs/2016-November/msg00119.html
It turns out impractical due to YARA API limitations. It is possible
to load multiple
2017 Apr 24
10
[PATCH v8 0/8] Feature: Yara file scanning
v8:
- Ignore returned value in daemon/upload.c
- Report serialization errors in lib/yara.c
Matteo Cafasso (8):
daemon: ignore unused return value in upload function
daemon: expose file upload logic
appliance: add yara dependency
New API: yara_load
New API: yara_destroy
New API: internal_yara_scan
New API: yara_scan
yara_scan: added API tests
appliance/packagelist.in
2017 Mar 12
8
[PATCH v4 0/7] Feature: Yara file scanning
Rebase patches on top of 1.37.1.
No changes since last series.
Matteo Cafasso (7):
daemon: expose file upload logic
appliance: add yara dependency
New API: yara_load
New API: yara_destroy
New API: internal_yara_scan
New API: yara_scan
yara_scan: added API tests
appliance/packagelist.in | 4 +
configure.ac | 1 +
daemon/Makefile.am
2016 May 17
4
Ransomware?
On 05/15/2016 01:00 PM, Andrew Bartlett wrote:
> On Sat, 2016-05-14 at 22:42 -0700, ToddAndMargo wrote:
>> Hi All,
>>
>> Is there anything in Samba that will help protect
>> against ransomware?
>
> I've not had to look into this properly, but I would suggest that
> regular and genuinely offline backups and regular Read Only snapshots.
>
> Andrew
2017 Apr 04
13
[PATCH v5 0/7] Feature: Yara file scanning
v5:
- rebase on top of 1.37.9
- add missing actions_yara.* files
Matteo Cafasso (7):
daemon: expose file upload logic
appliance: add yara dependency
New API: yara_load
New API: yara_destroy
New API: internal_yara_scan
New API: yara_scan
yara_scan: added API tests
appliance/packagelist.in | 4 +
configure.ac | 1 +
daemon/Makefile.am
2017 Apr 23
11
[PATCH v7 0/7] Feature: Yara file scanning
v7:
- Fixes according to comments
- Rebase on top of 1.37.12
Matteo Cafasso (7):
daemon: expose file upload logic
appliance: add yara dependency
New API: yara_load
New API: yara_destroy
New API: internal_yara_scan
New API: yara_scan
yara_scan: added API tests
appliance/packagelist.in | 4 +
configure.ac | 1 +
daemon/Makefile.am
2016 May 17
3
Ransomware?
Am 17.05.2016 um 09:47 schrieb Fabian Cenedese:
>
>> Am 16.05.2016 um 07:32 schrieb ToddAndMargo:
>>> May I surmise that all the encrypted file now have
>>> an extra extension of ".crypt"? So it is easy to
>>> see who got clobbered.
>>
>> how do you come to that conclusion and even if some malware acts that way what makes you sure you can
2013 Aug 22
3
Logging passwords on auth failure/dealing with botnets
Hi,
Since upgrading our mail servers to Postfix/Dovecot, we've seen a rather large increase in botnet brute force password attacks. I guess our old servers were too slow to suit their needs.
Now, when they hit upon a valid user, it's easy to see what passwords they are trying (we've enabled auth_debug_passwords and set auth_verbose_passwords = plain). We can easily have log