How do I protect Samba shares from worms

I’ve been running suse 10.1 as Samba server and squid proxy for windows 3 clients in my family home. Windows clients had full read write access to shares. Sister likes peer 2 peer file sharing and then… kazaa!!! we’ve got worms. After worms ate all the .exe files on samba shares, I’ve turned off write access to all but 1 share. This share serves as a quarantine I check files in share then move them into the read only shares when confirmed safe.

This works but I’d like to free myself of this task and allow read/write to the more responsible members of the family. How can
I share samba and keep out worms?

Will user passwords on share be enough to stop worms writing to shares. If user is logged onto share and worm is on their system does it have same permissions as them?

Any input appreciated.


The short answer is “yes”.

You can make all shares read-write and impose a “read list”. Members of the read list cannot write. That way your sister will have to lodge files by your round-about method while others can be direct.

PS is there a way to recognise a worm, e.g. by its name?

Another thought: you could scan the Linux shares every 15 minutes with a cron job and a Linux scanner (if it can detect worms) and take action if any are detected.

Another thought: You could load windows into VMware server on Suse and mount the Linux shares as mapped drives in the virtual windows and set AVG free scanner to monitor the shares with also the default action to heal all viruses – that should work just fine.