muhammad hamka wrote:
Hi all,
I've run my samba server running on my FreeBSD box. My samba connect to
several workstation (using Windows). I set the sharing for public (Everyone
can read/write/delete files).
The problem is some of my workstation is infected by virus. So everytime i
open that folder, i got a tons of virus (usually consist of , autorun.inf ,
file with .vbs extension and several suspicious executable file). I tried to
set samba-vscan with clamav, but this works only scan and moving those file
to quarantine. But those file will appear again because of virus daemon
running in infected workstation.
i have an idea to set a file filter that uploaded to my storage server. So
that, it can deny the file containing .vbs extension etc. to be written in
my storage. is there any software provide this solution? or any
configuration of samba i miss? thanx
Is there any reason for anonymous/guest access?
If not, by requiring users to authenticate in order to gain write access
you can identify the owner(s) of infected hosts and get them cleaned.
Consider if using a logon script can force installation/update of
ant-virus software on hosts.
Secondly, you might take a look at the veto files parameter. The
intended use is to prevent user access to system files (such as apple
share files). It is not clear if it will prevent the infected hosts from
uploading the files, but it should prevent access to these files and
hence the infection of other hosts.
Then you can run a cronjob regularly cleaning up the directories.
see smb.conf(5).
Cheers, Erik
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
