SambaCry [how to be protected?]

Status
Not open for further replies.
John_n4s

John_n4s

Dabbler
Joined
May 15, 2017
Messages
16
danb35 said:
Update to 9.10.2-U4 or later.
Click to expand...
Thanks for the quick reply!
I was afraid this would be mentioned though... holding back upgrading to 9.10 because of all my current jail configurations and so forth..
Hopefully there is any kind of way to still be safe on 9.3 ..
 
danb35

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
Your current jails will continue to work just fine under 9.10, though I believe you'll no longer be able to do things like updating software packages in them.
 
DrKK

DrKK

FreeNAS Generalissimo
Joined
Oct 15, 2013
Messages
3,630
John_n4s said:
Hopefully there is any kind of way to still be safe on 9.3 ..
Click to expand...

If by "safe" you mean safe from the SMB exploit, then no, not really. This would require hacking the appliances system files, which is all sorts of unrecommended.

As danb35 says, if you update to 9.10-U5 (which is what I suggest you do), then your jails will, at that point, be frozen in time. YOu will still be able to use them, as you did before, but ultimately they are now frozen from being updated. I think it is worth doing. You'll be moving to a newer, and better, FreeBSD system, and you'll be on the current widely community supported FreeNAS.

Are your jails plugins, or custom jails? What are you running in the jails?
 
John_n4s

John_n4s

Dabbler
Joined
May 15, 2017
Messages
16
DrKK said:
If by "safe" you mean safe from the SMB exploit, then no, not really. This would require hacking the appliances system files, which is all sorts of unrecommended.

As danb35 says, if you update to 9.10-U5 (which is what I suggest you do), then your jails will, at that point, be frozen in time. YOu will still be able to use them, as you did before, but ultimately they are now frozen from being updated. I think it is worth doing. You'll be moving to a newer, and better, FreeBSD system, and you'll be on the current widely community supported FreeNAS.

Are your jails plugins, or custom jails? What are you running in the jails?
Click to expand...
Thanks for the reply.
Well there are 2:
- virtualbox (never modified - no mind to be frozen tbh)
- transmission (customized by installing openvpn, firewall rules and flexget inside of it - often updating and running pkg updates)

I think the last would be an issue..
 
John_n4s

John_n4s

Dabbler
Joined
May 15, 2017
Messages
16
danb35 said:
Actually, virtualbox will be a problem, as it simply won't work on 9.10.2.
Click to expand...
Ouch.. for now i arranged authentication on all of the shares and killed off nt pipe mode in the global samba configuration.
Seems to be the most I can do for now without ruining my entire custom setup..
Thanks for all the replies so far!
 
Status
Not open for further replies.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "SambaCry [how to be protected?]"

Similar threads

P
How to up Samba shares to be case sensitive and maintain Linux file permissions?
Replies
1
Views
2K
packoman
P
A
Recover from write-protected USB boot volume (failure)
Replies
1
Views
1K
Samuel Tai
Samuel Tai
D
Upgrading from FreeNAS-9.3-STABLE to TrueNAS
Replies
5
Views
1K
adrianwi
adrianwi
anodos
  • Locked
How to set up Time Machine over SMB in Jail
Replies
6
Views
3K
Robertr
R
R
  • Locked
SOLVED Unable to make password protected CIFS share
Replies
6
Views
3K
russoj88
R
Top