SambaCry 正式登錄Linux

Mitigation:

Any of the following:

1. SELinux is enabled by default and our default policy prevents loading of modules from outside
of samba's module directories and therefore blocks the exploit

2. Mount the filessytem which is used by samba for its writeable share, using "noexec" option.

3. Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing
any named pipe endpoints. Note this can disable some expected functionality for Windows clients.

即係 sambacry 係 windows client 導致 ?

MrA d 邏輯真係世界級
唔識英文就查下字典 睇下mitigation點解啦

Mitigation:

Any of the following:

1. SELinux is enabled by default and our default policy prevents loading of modules from outside
of samba's module directories and therefore blocks the exploit

2. Mount the filessytem which is used by samba for its writeable share, using "noexec" option.

3. Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing
any named pipe endpoints. Note this can disable some expected functionality for Windows clients.

即係 sambacry 係 windows client 導致 ?

MrA d 邏輯真係世界級
唔識英文就查下字典 睇下mitigation點解啦

咁 windows update 係 mitigation ?

Mitigation:

Any of the following:

1. SELinux is enabled by default and our default policy prevents loading of modules from outside
of samba's module directories and therefore blocks the exploit

2. Mount the filessytem which is used by samba for its writeable share, using "noexec" option.

3. Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing
any named pipe endpoints. Note this can disable some expected functionality for Windows clients.

即係 sambacry 係 windows client 導致 ?

MrA d 邏輯真係世界級
唔識英文就查下字典 睇下mitigation點解啦

中國旅客：「錯的是世界」
左膠：「世人應當mitigate中國旅客產生的 喧譁 爆買 痾屎 等問題」

Mitigation:

Any of the following:

1. SELinux is enabled by default and our default policy prevents loading of modules from outside
of samba's module directories and therefore blocks the exploit

2. Mount the filessytem which is used by samba for its writeable share, using "noexec" option.

3. Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing
any named pipe endpoints. Note this can disable some expected functionality for Windows clients.

即係 sambacry 係 windows client 導致 ?

MrA d 邏輯真係世界級
唔識英文就查下字典 睇下mitigation點解啦

咁 windows update 係 mitigation ?

你既suggestion係回應緊咩問題？

Mitigation:

Any of the following:

1. SELinux is enabled by default and our default policy prevents loading of modules from outside
of samba's module directories and therefore blocks the exploit

2. Mount the filessytem which is used by samba for its writeable share, using "noexec" option.

3. Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing
any named pipe endpoints. Note this can disable some expected functionality for Windows clients.

即係 sambacry 係 windows client 導致 ?

MrA d 邏輯真係世界級
唔識英文就查下字典 睇下mitigation點解啦

中國旅客：「錯的是世界」
左膠：「世人應當mitigate中國旅客產生的 喧譁 爆買 痾屎 等問題」

Your point is?

Mitigation:

Any of the following:

1. SELinux is enabled by default and our default policy prevents loading of modules from outside
of samba's module directories and therefore blocks the exploit

2. Mount the filessytem which is used by samba for its writeable share, using "noexec" option.

3. Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing
any named pipe endpoints. Note this can disable some expected functionality for Windows clients.

即係 sambacry 係 windows client 導致 ?

MrA d 邏輯真係世界級
唔識英文就查下字典 睇下mitigation點解啦

咁 windows update 係 mitigation ?

你既suggestion係回應緊咩問題？

香港人永遠唔係面對問題係面對人，所以 香港問題永遠解決唔到
佢地覺得解決左個人，冇人再問問題等於問題唔在

Mitigation:

Any of the following:

1. SELinux is enabled by default and our default policy prevents loading of modules from outside
of samba's module directories and therefore blocks the exploit

2. Mount the filessytem which is used by samba for its writeable share, using "noexec" option.

3. Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing
any named pipe endpoints. Note this can disable some expected functionality for Windows clients.

即係 sambacry 係 windows client 導致 ?

MrA d 邏輯真係世界級
唔識英文就查下字典 睇下mitigation點解啦

咁 windows update 係 mitigation ?

你既suggestion係回應緊咩問題？

香港人永遠唔係面對問題係面對人，所以 香港問題永遠解決唔到
佢地覺得解決左個人，冇人再問問題等於問題唔在

係，就好似之前我話linux有啲咩嘢令人無辦法適應到嘅時候，你咪衝出嚟一味針對我嚟屌 ，如果你唔記得咗我陣間得閒可以同你推返哂上嚟

Mitigation:

Any of the following:

1. SELinux is enabled by default and our default policy prevents loading of modules from outside
of samba's module directories and therefore blocks the exploit

2. Mount the filessytem which is used by samba for its writeable share, using "noexec" option.

3. Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing
any named pipe endpoints. Note this can disable some expected functionality for Windows clients.

即係 sambacry 係 windows client 導致 ?

MrA d 邏輯真係世界級
唔識英文就查下字典 睇下mitigation點解啦

咁 windows update 係 mitigation ?

你既suggestion係回應緊咩問題？

香港人永遠唔係面對問題係面對人，所以 香港問題永遠解決唔到
佢地覺得解決左個人，冇人再問問題等於問題唔在

石屎牆上面有個洞會漏水
解決方法唔係塞咗個洞佢？

MRA: 根本唔應該用石屎牆，應該用磚牆！

乜磚牆就唔會有機會有呢啲問題？

Mitigation:

Any of the following:

1. SELinux is enabled by default and our default policy prevents loading of modules from outside
of samba's module directories and therefore blocks the exploit

2. Mount the filessytem which is used by samba for its writeable share, using "noexec" option.

3. Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing
any named pipe endpoints. Note this can disable some expected functionality for Windows clients.

即係 sambacry 係 windows client 導致 ?

MrA d 邏輯真係世界級
唔識英文就查下字典 睇下mitigation點解啦

咁 windows update 係 mitigation ?

你既suggestion係回應緊咩問題？

香港人永遠唔係面對問題係面對人，所以 香港問題永遠解決唔到
佢地覺得解決左個人，冇人再問問題等於問題唔在

石屎牆上面有個洞會漏水
解決方法唔係塞咗個洞佢？

MRA: 根本唔應該用石屎牆，應該用磚牆！

乜磚牆就唔會有機會有呢啲問題？

磚牆少漏好多
同埋有埋原料畀你
你肯學就自己造到舊磚曉飛都得
係你啲人用慣石屎牆唔肯轉啫

即係 sambacry 係 windows client 導致 ?

MrA d 邏輯真係世界級
唔識英文就查下字典 睇下mitigation點解啦

咁 windows update 係 mitigation ?

你既suggestion係回應緊咩問題？

香港人永遠唔係面對問題係面對人，所以 香港問題永遠解決唔到
佢地覺得解決左個人，冇人再問問題等於問題唔在

石屎牆上面有個洞會漏水
解決方法唔係塞咗個洞佢？

MRA: 根本唔應該用石屎牆，應該用磚牆！

乜磚牆就唔會有機會有呢啲問題？

磚牆少漏好多
同埋有埋原料畀你
你肯學就自己造到舊磚曉飛都得
係你啲人用慣石屎牆唔肯轉啫

紅字：做乜潛建
最尾一句：做乜老屈 用緊ubuntu覆你架

MrA 假定咗家庭使用者用電腦既功能係上網，基礎文書處理！唔會起牆 只會叫人幫佢起！

回應主題，而家d distro 有幾多merge 咗個fix 落mainline? 我部qnap仲未有update

Mitigation:

Any of the following:

1. SELinux is enabled by default and our default policy prevents loading of modules from outside
of samba's module directories and therefore blocks the exploit

2. Mount the filessytem which is used by samba for its writeable share, using "noexec" option.

3. Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing
any named pipe endpoints. Note this can disable some expected functionality for Windows clients.

即係 sambacry 係 windows client 導致 ?

其實你up乜？係咪我蠢？