sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code
8690b271a6
samba-mirror/docs
History
Andrew Bartlett a27ec4a011 Rework the 'guest account get's RID 501' code again... 
This moves it right into the passdb subsystem, where we can do this in
just one (or 2) places.  Due to the fact that this code can be in a tight loop,
I've had to make 'guest account' a 'const' paramater, where % macros cannot be
used.  In any case, if the 'guest account' varies, we are in for some nasty
cases in the other code, so it's useful anyway.

Andrew Bartlett
(This used to be commit 8718e5e7b2)
2002-08-17 04:51:27 +00:00
..
docbook Rework the 'guest account get's RID 501' code again... 2002-08-17 04:51:27 +00:00
faq Some grammar fixes picked up from the bugs.debian.org, submitted by 2002-05-24 13:24:58 +00:00
htmldocs large set of updates converting some of the textdocs to SGML/DocBook. 2002-08-15 13:56:33 +00:00
manpages large set of updates converting some of the textdocs to SGML/DocBook. 2002-08-15 13:56:33 +00:00
OID fixes from 2,2 2002-02-11 13:49:02 +00:00
Registry Merge from 2.2 2002-04-05 17:02:34 +00:00
textdocs Jelmer has been keeping on top of the typos. 2002-06-27 14:23:48 +00:00
yodldocs merge from 2.2 2001-12-06 07:37:58 +00:00
announce merge from 2.2 2001-12-06 07:37:58 +00:00
history yet another person asked me where the name Samba came from, so I put 1998-10-29 01:00:21 +00:00
README.ldap merge from 2.2 2001-12-06 07:37:58 +00:00
README.Win2kSP2 merge from 2.2 2001-12-06 07:37:58 +00:00
README.Win32-Viruses couple of updates mentioned on samba@samba.org 2001-12-20 21:25:20 +00:00
Samba-HOWTO-Collection.pdf large set of updates converting some of the textdocs to SGML/DocBook. 2002-08-15 13:56:33 +00:00
THANKS global change from samba.anu.edu.au to samba.org 1998-11-21 13:20:31 +00:00

README.Win32-Viruses

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

While this article is specific to the recent Nimda worm, 
the information can be applied to preventing the spread
of many Win32 viruses.  Thanks to the Samba Users Group of Japan
(SUGJ) for this article.
===============================================================================
Steps againt Nimba Worm for Samba

Author: HASEGAWA Yosuke
Translator: TAKAHASHI Motonobu <monyo@samba.gr.jp>

The information in this article applies to
    Samba 2.0.x
    Samba 2.2.x
    Windows 95/98/Me/NT/2000

SYMPTOMS
  This article has described the measure against Nimba Worm for Samba
  server.

DESCRIPTION
  Nimba Worm is infected through the shared disk on a network besides
  Microsoft IIS, Internet Explorer and mailer of Outlook series.

  At this time, the worm copies itself by the name *.nws and *.eml on
  the shared disk, moreover, by the name of Riched20.dll in the folder
  where *.doc file is included.

  To prevent infection through the shared disk offered by Samba, set
  up as follows:

-----
[global]
  ...
  # This can break Administration installations of Office2k.
  # in that case, don't veto the riched20.dll
  veto files = /*.eml/*.nws/riched20.dll/
-----

  Setting up "veto files" parameter, the matched files on the Samba
  server are completely hidden from the clients and become impossible
  to access them at all.

  In addition to it, the following setting are also pointed out by the
  samba-jp:09448 thread: when the
  "(Jreadme.txt.{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}"(B file exists on
  a Samba server, it is visible only with "readme.txt" and a dangerous
  code may be performed when this file is double-clicked.

  Setting the following,
-----
  veto files = /*.{*}/
-----
  no files having CLSID in its file extension can be accessed from any
  clients.

This technical article is created based on the discussion of
samba-jp:09448 and samba-jp:10900 threads.