Re: [Samba] ransomware etc
- Date: Wed, 28 Jun 2017 14:42:04 +0200
- From: David Disseldorp via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] ransomware etc
On Wed, 28 Jun 2017 11:08:11 +0200, mj via samba wrote:
> Hi all,
> Just out of curiosity: is there anything we can do, on the samba side,
> to counter the recent ransomware attacks? (or limit the damage done)
> I'm thinking like: limit the number of files per second a client
> (workstation) is allowed to edit, or some other smart tricks..?
> It would be nice if samba could be an extra layer of defense.
> Something perhaps a vfs module could help with..?
> Anyone with tips, trics, ideas?
Although not bullet proof, I'd suggest taking periodic snapshots of the
Samba share using Btrfs, LVM, ZFS, etc. This will give you a read-only
restore point, should clients start misbehaving.
With Btrfs you could use the Snapper VFS module to expose the read-only
snapshots to clients via the Windows Previous Versions UI.
To unsubscribe from this list go to the following URL and read the