Bug 40815

Summary: Using fail2ban to stop locky-style mass file modifications on shares
Product: Z_wiki.univention.de Reporter: Arvid Requate <requate>
Component: Cool Solutions - otherAssignee: Bugzilla Mailingliste <bugzilla>
Status: RESOLVED MOVED QA Contact:
Severity: normal    
Priority: P3 CC: gulden, michelsmidt
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Linux   
URL: http://www.heise.de/security/artikel/Erpressungs-Trojaner-wie-Locky-aussperren-3120956.html
What kind of report is it?: Security Issue What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional): Security
Max CVSS v3 score:

Description Arvid Requate univentionstaff 2016-03-02 11:31:31 CET 
We should describe how to configure Samba and fail2ban to detect and stop locky-style mass file modifications on Samba file shares. See URL for an article describing that approach.
Comment 1 Michel Smidt 2016-06-16 14:15:20 CEST 
Moved to redmine #5457.