[Samba] Samba Shares and Win32 Viruses

RRuegner robert at ruegner.org
Mon Apr 12 10:04:44 GMT 2004


Ow Mun Heng schrieb:
> 
>>-----Original Message-----
>>From: samba-bounces+ow.mun.heng=wdc.com at lists.samba.org
>>
>>Ow Mun Heng schrieb:
>>
>>
>>>Hi Collective users of Samba, (does has a nice ring to it eh?)
>>>
>>>Recently I found a my samba server being infected by win32 viruses. 
>>>Though it does not affect the server in any way, I do find 
>>
>>them to be
>>
>>>an annoyance.
>>>
>>>I understand also that I can perform "veto" of files like 
>>
>>*.exe in smb.conf
>>
>>>but find that to be a wee bit restrictive. There are some users who
>>>stores valid executables in the shares.
>>>
>>>http://hr.uoregon.edu/davidrl/samba-unofficial.html
>>>
>>>"To prevent access to suspicious files (e.g., those that 
>>
>>tend to become 
>>
>>>infected by virus'), use the following. The last bit 
>>
>>prevents access to 
>>
>>>files with a CLSID in the file extension.
>>>
>>>veto files = /*.exe/*.dll/*.pif/*.com/*.vbs/*.{*}/"
> 
> 
>>>        
>>
>>the best way will be to use vfs and antivirus software on that shares
> 
> 
> Any more info other than that? I found Clam-AV and I also found samba-vscan.
> How do I set things up? vfs? etc.
> 

Hi ,this is simple
[files3]
         comment = public files
         path = /files3
         read only = No
         guest ok = Yes
         browseable = Yes
         csc policy = disable
         vfs objects = vscan-fprotd

this is for the f-prot damon, it is equal with clam.
you should read man vfs with clam.( for setting up the clam daemon )
other a-vir technics are
for dazuko and antivir you dont need vfs, cause it is a kernel module
which will scan on the the native linux hosts filesystem.
Regards


More information about the samba mailing list