[Samba] Ransomware?

Reindl Harald h.reindl at thelounge.net
Thu May 19 19:34:09 UTC 2016

Am 19.05.2016 um 19:33 schrieb Klaus Hartnegg:
> On 17.05.2016 at 15:38 Elias Pereira wrote:
>> I'm not aware of the last, but in previous versions, ransomware
>> encrypt all
>> files and after this he delete original files. If you have a
>> trash/recycle
>> configured, you can recover these files.
> We should better not rely on that. I read that ransomware overwrites
> only the first kilobyte in the files. This probably does not trigger
> samba to create a copy of the original in the recycle bin

nobody should rely on *anything* in that context

you have backups with enough retention time or not to recover after you 
realize that it happened - anything else is luck and wehn you rely on 
luck you can delete your data anyways

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20160519/271307d4/signature.sig>

More information about the samba mailing list