Subject: Re: [netatalk-admins] Corruption of files on server
From: Neil McAllister (nmcallister@primo.com)
Date: Fri Dec 11 1998 - 16:57:45 EST
>What i've done on all my netware and netatalk volumes is create empty,
>invisible, locked files called DB and DELDB using BBEdit and ResEdit at
>the root level of every share on every server (yes, it took a while).
>Then i was able to take my time installing virus software on all the macs
>without worry of worms spreading via servers. while i was at it, i turned
>off autoplay in the quicktime settings control panel on all the macs too.
>of course, this does nothing about non-worm viruses, but it's a start.
This brings up an interesting point -- does it really matter if a netatalk
server is infected with the AutoStart virus? My netatalk machine is an
Intel box -- and thus can't run the Worm's code. If it can't run the Worm,
it can't infect client Macs in this way.
netatalk is useful, however, for finding out who IS infected on my network
-- I can just go into the Unix side and peek at what user created the DELDB
file in the first place. Then I smack the user around, for not taking
proper precautions when they use Zips from clients, etc.
-- Neil McAllister, Systems Administrator Primo Angeli Inc., San Francisco, CA, USA http://www.primo.com mailto:nmcallister@primo.com
This archive was generated by hypermail 2b28 : Sat Dec 18 1999 - 16:33:51 EST