Web lists-archives.com

Re: [Samba] ransomware etc


On Wed, 28 Jun 2017 11:08:11 +0200, mj via samba wrote:

> Hi all,
> Just out of curiosity: is there anything we can do, on the samba side, 
> to counter the recent ransomware attacks? (or limit the damage done)
> I'm thinking like: limit the number of files per second a client 
> (workstation) is allowed to edit, or some other smart tricks..?
> It would be nice if samba could be an extra layer of defense.
> Something perhaps a vfs module could help with..?
> Anyone with tips, trics, ideas?

Although not bullet proof, I'd suggest taking periodic snapshots of the
Samba share using Btrfs, LVM, ZFS, etc. This will give you a read-only
restore point, should clients start misbehaving.

With Btrfs you could use the Snapper VFS module to expose the read-only
snapshots to clients via the Windows Previous Versions UI.

Cheers, David

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba