Crypto Trojan "Locky"

  • What could in future be done from the side of the file systems used by OMV
    to prevent crypto-trojan "Locky" from encrypting all data on OMV shares?


    1) Automatically make all backed up files read only? Will this be enough?
    Or
    2) Automatically make all backed up files deletable only through a special password protected account?
    Or
    Add special characters to the file names on the OMV share so that a Windows client can not handle these?
    And make the special characters removable only through a password protected account?


    What do the file system experts here think should be done?


    Yours - Backupmaster

  • From what I can see, if you want to have Windows client accessing and writing Samba shares on OMV, there is very little you can do to stop the virus. Not using Samba, or read-only, is very inconvenient.


    The only real solution to an infection is backups (that are not also shared out r/w via Samba!). How to best achieve that depends on a variety of factors. For convenience, btrfs or ZFS snapshots would work very well.

    • Offizieller Beitrag

    rsnapshot the files to a non-shared drive works as well. This can be done very easily via the openmediavault-rsnapshot plugin.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!