summaryrefslogtreecommitdiff
path: root/docs/README.Win32-Viruses
diff options
context:
space:
mode:
Diffstat (limited to 'docs/README.Win32-Viruses')
-rw-r--r--docs/README.Win32-Viruses57
1 files changed, 0 insertions, 57 deletions
diff --git a/docs/README.Win32-Viruses b/docs/README.Win32-Viruses
deleted file mode 100644
index 4646da83cf..0000000000
--- a/docs/README.Win32-Viruses
+++ /dev/null
@@ -1,57 +0,0 @@
-While this article is specific to the Nimda worm,
-the information can be applied to preventing the spread
-of many Win32 viruses. Thanks to the Samba Users Group of Japan
-(SUGJ) for this article.
-===============================================================================
-Steps against Nimba Worm for Samba
-
-Author: HASEGAWA Yosuke
-Translator: TAKAHASHI Motonobu <monyo@samba.gr.jp>
-
-The information in this article applies to
- Samba 2.0.x
- Samba 2.2.x
- Windows 95/98/Me/NT/2000
-
-SYMPTOMS
- This article describes measures against Nimba Worm for Samba
- server.
-
-DESCRIPTION
- Nimba Worm is infected through shared disks on a network, as well as through
- Microsoft IIS, Internet Explorer and mailer of Outlook series.
-
- At this time, the worm copies itself by the name *.nws and *.eml on
- the shared disk, moreover, by the name of Riched20.dll in the folder
- where *.doc file is included.
-
- To prevent infection through the shared disk offered by Samba, set
- up as follows:
-
------
-[global]
- ...
- # This can break Administration installations of Office2k.
- # in that case, don't veto the riched20.dll
- veto files = /*.eml/*.nws/riched20.dll/
------
-
- By setting the "veto files" parameter, matched files on the Samba
- server are completely hidden from the clients and making it impossible
- to access them at all.
-
- In addition to it, the following setting is also pointed out by the
- samba-jp:09448 thread: when the
- "readme.txt.{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}" file exists on
- a Samba server, it is visible only as "readme.txt" and dangerous
- code may be executed if this file is double-clicked.
-
- Setting the following,
------
- veto files = /*.{*}/
------
- any files having CLSID in its file extension will be inaccessible from any
- clients.
-
-This technical article is created based on the discussion of
-samba-jp:09448 and samba-jp:10900 threads.
generated by cgit (git 2.34.1) at 2024-07-06 22:48:24 +0000