[Samba] ransomware etc
David Disseldorp
ddiss at samba.org
Wed Jun 28 12:42:04 UTC 2017
Hi,
On Wed, 28 Jun 2017 11:08:11 +0200, mj via samba wrote:
> Hi all,
>
> Just out of curiosity: is there anything we can do, on the samba side,
> to counter the recent ransomware attacks? (or limit the damage done)
>
> I'm thinking like: limit the number of files per second a client
> (workstation) is allowed to edit, or some other smart tricks..?
>
> It would be nice if samba could be an extra layer of defense.
>
> Something perhaps a vfs module could help with..?
>
> Anyone with tips, trics, ideas?
Although not bullet proof, I'd suggest taking periodic snapshots of the
Samba share using Btrfs, LVM, ZFS, etc. This will give you a read-only
restore point, should clients start misbehaving.
With Btrfs you could use the Snapper VFS module to expose the read-only
snapshots to clients via the Windows Previous Versions UI.
Cheers, David
More information about the samba
mailing list