alex at receptiveit.com.au
Mon May 16 00:04:54 UTC 2016
I like to put my Samba server on ZFS and take hourly snapshots. While the main share can be encrypted, the snapshots will remain in tact.
Currently I am using FreeBSD but will be starting a test server on Debian with ZFS.
> On 16 May 2016, at 9:05 am, jacek burghardt <jaceksburghardt at gmail.com> wrote:
> Iscsi cant be encrypted.
> Join my framily E02705708hn 3032 last name BURGHARDT state is co
> Cheapest sprint service only 25 a month.
> On Sun, May 15, 2016 at 3:30 PM, peter lawrie <
> peter.lawrie at glendiscovery.co.uk> wrote:
>> I had to deal with ransomware at the end of April. One of the PCs on my
>> customer's network was infected by opening a realistic looking email
>> apparently from a genuine supplier to the company and personally addressed.
>> The infection occurred on Wednesday, but encryption of the server only took
>> place late on Friday afternoon, presumably having obtained encryption keys
>> from the criminals. The malware did not encrypt documents on the infected
>> PC, but documents and spreadsheets in every folder on the samba shares were
>> encrypted. Fortunately the backup to rdx disk was working (On my previous
>> visit to the customer the backup had NOT been working and nobody had
>> I used linux 'cp -npr' to restore missing files and
>> find / -name “*.crypt” –type f –delete [deletes all files *.crypt]
>> find / -name “*de-crypt*” –type f –delete [deletes ransom message from
>> every directory which had contained encrypted files]
>> The answer to the question is take extreme care with incoming emails and
>> always make sure the backups are working.
>> On 15 May 2016 at 21:00, Andrew Bartlett <abartlet at samba.org> wrote:
>>> On Sat, 2016-05-14 at 22:42 -0700, ToddAndMargo wrote:
>>>> Hi All,
>>>> Is there anything in Samba that will help protect
>>>> against ransomware?
>>> I've not had to look into this properly, but I would suggest that
>>> regular and genuinely offline backups and regular Read Only snapshots.
>>> Andrew Bartlett
>>> Andrew Bartlett http://samba.org/~abartlet/
>>> Authentication Developer, Samba Team http://samba.org
>>> Samba Developer, Catalyst IT
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions: https://lists.samba.org/mailman/options/samba
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba