[Samba] ransomware etc (referencing in part Samba-virusfilter)

[Trever L. Adams]

On 06/28/2017 06:54 PM, Trever L. Adams wrote:
> On 06/28/2017 07:13 AM, L.P.H. van Belle via samba wrote:
>> IMO, 
>>
>> First secure your entry points.. Mail webserver and proxy and the exit points. ( your users environment in my case windows 7/10 desktops.) 
>>
>> Im waiting until trevor has the antivirus vfs is ready for samba 4. 
>> @David Disseldrop, you know the status about that, since it was you call to get it in samba. ;-) 
>> (https://github.com/fumiyas/samba-virusfilter/issues/23) 
>> I've seen good work but it stopped..  :( 
>> I .. wannacry ..  :-)) 
> https://github.com/treveradams/samba/tree/testing is actually where to
> look, I believe it is current for 4.6.x (be warned you may have to reset
> to past versions from time to time as the code base is git push -f to
> keep the changelog short and as simple patches for merging). I am
> waiting on reviews for the last patch set. I am watching Samba 4.7/5.0
> cycle. It appears there will be some changes needed. The discussions
> went off list, but it should be ready for review. If there is an rc for
> 4.7, I will be happy to work on rebasing for that. I like the changes I
> am seeing and want to make sure it stays working.
One thing I left out. This may not affect all of the things going on now
(wannacry and petya), but can help prevent system infection in some
cases is using the veto files vfs module to prevent executebles from
being written to shares (I have seen some problems with this with
profiles, but nearly nothing else if done carefully and the profiles
share may have been my mistake) by non-developers/administrators.

Trever

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 886 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20170628/3ad887ca/signature.sig>