Squid

slacker

You're not a digital hoarder?

Under bait files, there's no problem With bait shares, there's 2 issues with excluded files #1 - The memory requirements to implement a watch on every file is immense. IIRC during my testing, inotifywait did not sent an event if a linked file was deleted (ie: encrypted / re-written, and the source removed) Because of that an attack cannot be detected unless every single file is watched or the directory is simply watched for any changes. #2 - The response time for inotifywait decreases with every additional file being watched. (As an aside, I just tried it and simply creating a .ds_store file will trigger an attack because of the change in the folder) I have no clue under what circumstances Finder creates those files, but I believe I have seen in the forums here instructions on how to stop finder from creating them in the first place. I really don't know what to say beyond stop your script from deleting them from bait shares, or stop finder from creating them in the first place. But no matter what, always keep in mind that this plugin is the last emergency line of defense (for the files on the server only), and to always make the necessary precautions on all your other networked devices to prevent any ransomware attack from happening in the first place. The attack won't originate from the server, but from another networked device, and its highly probable that all the files on that particular device will be trashed no matter what.

In a nutshell, you tell it that whenever say disk 8 spins up to also spin up disk 10. IMHO Its only useful for a share that spans multiple disks where any delay in accessing a file from one disk and then accessing a file from another disk is completely unacceptable due to the need to spin up the other disk. IE: Music shares.

I'd have to see the diagnostics before you reboot to try and see what went wrong. After that you can reset the permissions manually on the shares tab. Sent from my LG-D852 using Tapatalk

As soon as you go into the settings for Ransomware, there's a button that says Restore SMB permissions

lol I can't remember what it was linking to off the top of my head either. (It was for when there was no cache drive present). Surprised thought that when clicking into the box it didn't bring up a dropdown selector that allowed you to select your appdata share. Backing up all settings, etc: This plugin will do everything with the exception of VM vdisks.

TBH, you're better not doing that as if the equivalent user share is also exported and you happen to mess up and copy a file from the disk share to the user share the file just got corrupted.

Just restore smb permissions. There may still be an issue where the comment says it's not writeable but it still is. Sent from my LG-D852 using Tapatalk

If you're only using bait shares, then 99.999% of the bait files only exist within /mnt/user/.... since they are all hardlinks to the 4 main files. And yes, should you delete a bait file from /mnt/diskX instead of /mnt/user/... then the system will not pick it up because the fuse file system is never informed that a change happened on an individual disk. Not really a downside as there's very little reason to export disk shares over the network, and a Network attack is how ransomeware is going to attack.

Myself, I only use bait shares. Setup as a prefix of zzz-Squidbait placed altogether in the list. And I don't recreate on stop / start.

You are attempting to login with root and not Root or a regular user name?

Did you set screen to install within NerdPack's settings?

From your first post: This setup tell sonar to ultimately look in /mnt/user/appdata/downloads/sonardrone/sonardrone (since /downloads is a shortcut to /mnt/user/appdata/downloads/sonardrone) Same thing with Radarr. Like @chbmb said, if you set the mapping for /downloads to the exact same mapping on every container applicable, it should all work fine. As a matter of fact, once its all set up correctly, any new downloads won't have to go through the drone factory, and the intercommunication via the API's will automatically begin the imports once they are completed. But, I don't ever use deluge. But it will work no problems with Sab/nzbget

ok. With a view to 6.4 (which BTW I have NOT seen as of yet), I've added in support for up to 100 custom tabs. Although you're basically limited to 3-4 maximum under 6.3 due to the limited screen real-estate available. Once you exceed that available real-estate, you will see overlapping sections on the tabs, etc.

There's a price premium for government. Sent from my LG-D852 using Tapatalk

Cool. Next update to custom tabs is going to support 100 custom entries. Sent from my LG-D852 using Tapatalk

Bummer... I was actually hoping for a more open-ended system where the dashboard would allow 3rd party pages / boxes within its current 2 across format.

Easiest solution would be to set the docker app to NOT autostart, then create a user script vis a vis user scripts plugin set to run at array start containing something like this: sleep xxx (xxx is however long it takes for the other containers, VMs, etc to get up and running) docker start nameOfContainer whateverOtherCommandsYouWant

True enough, but I was also hitting file system limits during development on how many links per file I could do. And I needed to use links to keep the actual disk usage down to ~1Meg. The chosen # of shares and files within won't return an error on any filesystem that unRaid supports, and I didn't want to get myself into a support nightmare with why doesn't this work on my system (and unRaid's fuse filesystem further complicates things since a linked file may or may not be on the same filesystem as the original.)

Boot order is usually hard disk and under bbs priorties select the flash Sent from my LG-D852 using Tapatalk

Somethings not right. Unless the syslinux message is from a hard drive for some reason. Check your boot order and maybe just try the flash virgin. And after its bitting copy over the config folder. Sent from my LG-D852 using Tapatalk

Did you run makebootable as an admin? Sent from my LG-D852 using Tapatalk

Depends. Unless you're willing to purposely infect yourself to see what order it tries to infect. (but the paper I read said it was random) the bait shares concept tries to overwhelm the attack by giving it a million possible targets versus the couple thousand you may have of legit files. Any security system is a trade-off between convenience and security. For myself not including the regular shares is a trade off I'm willing to make for the increased convenience Sent from my LG-D852 using Tapatalk

That's impossible. Cross site vulnerability without adding JavaScript to the source Sent from my LG-D852 using Tapatalk