Re: Ransomware on Power -- MIDRANGE-L

× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.

Running AV remotely on a Windows machine is a bad idea. To accomplish it
you generally have to share the root of the IFS and map a drive with an
*ALLOBJ profile. Both of which are VERY BAD from a security perspective.

1. About the only security on the share itself is read-only vs read/write.
Other than that, security is on the directory itself.
2. My advice:
* Never, ever share the root
* Remove any shares you don't actually need
* Make shares read-only whenever possible
* Grant the minimum directory permissions

HTH

date: Thu, 21 Jan 2021 13:10:18 -0600

from: Gerald Magnuson <gmagqcy.midrange@xxxxxxxxx>
subject: Re: Ransomware on Power

I have been asked to scan my IFS with our windows/network based AV
product, but I am worried to even start NetServer (SAMBA) to perform the
scan (which takes all day to run).
two questions: one, with NetServer being off, what vulnerabilities do I
have? two, securing IFS directories seems difficult, I don't know how to
secure shares, versus securing actual IFS directories, as when I attempted
to secure the Root Share, I actually locked out all green screen apps and
users from IFS folders. is there a good cookbook to get Shares properly
secured?

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.