Hi everyone,
I have purchased a QNAP TS-251D for a few months, Security Counselor after each scheduled scan gives me a couple of notices that I can't solve:
1) Average risk is "antivirus does not use the most recent virus definitions".
The NAS is connected directly to the router and the internet is always active, the antivirus is scheduled to check the updates 1 time a day and I noticed that it always happens after midnight, Security Counselor instead is scheduled to check once a week at 07:00am. Where is I wrong?
2) The second notice, with low risk is "push notifications for new versions of the firmware disabled". As internet browser I use Mozilla Firefox and it has recently been able to associate the NAS with Firefox, before it only worked with Google Chrome but, despite sending the test notification, Security Counselor continues to warn me, why?
I know that I could simply ignore the notices but, if they can be resolved in another way I would prefer.
Thank you
Security Counselor Report
-
- Experience counts
- Posts: 2043
- Joined: Thu Mar 03, 2016 1:11 am
Re: Security Counselor Report
To be honest: SC in my eyes is one of the wasted apps at NAS.
Antivirus update time can only be modified per SSH in crontab.
But I guess it will be hard to adjust time for update at SC to match.
I tried this by modifying the SC run time several times, but after a while the "not latest..." warning appears again.
My guess is that the timezone also takes part in that game (here tz is Europe).
Rules for notifications can be created/enabled/disabled in Notification Center.
Regards
Antivirus update time can only be modified per SSH in crontab.
But I guess it will be hard to adjust time for update at SC to match.
I tried this by modifying the SC run time several times, but after a while the "not latest..." warning appears again.
My guess is that the timezone also takes part in that game (here tz is Europe).
Rules for notifications can be created/enabled/disabled in Notification Center.
Regards
A raid is never a substitute for backup! Never!
Deadbolt - READ 1st post!!!
Deadbolt - information
Deadbolt - find your OP_RETURN!
VPN=VPN? No!
How to clean up your NAS after malware attack
www.raidisnotabackup.com
Deadbolt - READ 1st post!!!
Deadbolt - information
Deadbolt - find your OP_RETURN!
VPN=VPN? No!
How to clean up your NAS after malware attack
www.raidisnotabackup.com
-
- New here
- Posts: 5
- Joined: Mon May 27, 2013 11:48 pm
Re: Security Counselor Report
Hi,FSC830 wrote: ↑Sun Sep 25, 2022 4:00 am To be honest: SC in my eyes is one of the wasted apps at NAS.
Antivirus update time can only be modified per SSH in crontab.
But I guess it will be hard to adjust time for update at SC to match.
I tried this by modifying the SC run time several times, but after a while the "not latest..." warning appears again.
My guess is that the timezone also takes part in that game (here tz is Europe).
Rules for notifications can be created/enabled/disabled in Notification Center.
Regards
what do you mean by wasted referring to SC?
As for the antivirus, it was only to understand what that notification was linked but, I would never put hands in SSH for so little. For the time I confirm that my timezone is also Europe.
Thanks anyway for the explanations
- dolbyman
- Guru
- Posts: 35213
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: Security Counselor Report
SC is giving useless recommendations (disable admin, strong password, 2fa) people still get hacked via exploits that fall for a false sense of security.
So forget about SC and never ever expose the NAS to WAN
So forget about SC and never ever expose the NAS to WAN
-
- Experience counts
- Posts: 2043
- Joined: Thu Mar 03, 2016 1:11 am
Re: Security Counselor Report
Also as an example: at my test NAS I set different ports for http and https, just to get rid of this SC message "you are using the default ports for http/https".
What happens next? With modified ports Virtualization Station is not able to run , thank you QNAP!
So I had to choose: using VS and getting this messages or follow the SC advise and not being able to use VS!
So you can claim its not SC but VS that is the problem here, but it shows the weak points of SC.
Regards
What happens next? With modified ports Virtualization Station is not able to run , thank you QNAP!
So I had to choose: using VS and getting this messages or follow the SC advise and not being able to use VS!
So you can claim its not SC but VS that is the problem here, but it shows the weak points of SC.
Regards
Last edited by FSC830 on Mon Sep 26, 2022 2:46 pm, edited 1 time in total.
A raid is never a substitute for backup! Never!
Deadbolt - READ 1st post!!!
Deadbolt - information
Deadbolt - find your OP_RETURN!
VPN=VPN? No!
How to clean up your NAS after malware attack
www.raidisnotabackup.com
Deadbolt - READ 1st post!!!
Deadbolt - information
Deadbolt - find your OP_RETURN!
VPN=VPN? No!
How to clean up your NAS after malware attack
www.raidisnotabackup.com
-
- Starting out
- Posts: 15
- Joined: Fri Nov 27, 2020 10:53 pm
Re: Security Counselor Report
Do you refer to Virtualization Station? Well, that is quite strange. I run Virtualization Station without any problems on modified GUI ports of my NAS.FSC830 wrote: ↑Mon Sep 26, 2022 4:50 am Also as an example: at my test NAS I set different ports for http and https, just to get rid of this SC message "you are using the default ports for http/https".
What happens next? With modified ports Virtual Station is not able to run , thank you QNAP!
So I had to choose: using VS and getting this messages or follow the SC advise and not being able to use VS!
So you can claim its not SC but VS that is the problem here, but it shows the weak points of SC.
-
- Experience counts
- Posts: 2043
- Joined: Thu Mar 03, 2016 1:11 am
Re: Security Counselor Report
Sorry, yes I did (correct in previous post).
I apologize, I was a bit wrong, and need to look up exact issue in ticket.
Virtualization station can be used, but you cant run a QuTScloud VM any longer.
QuTScloud always asks for a license key after the default ports have been modified.
Only when settings ports back to default ports the QuTScloud VM was useable again.
I did not check now in final 5.0.1 if this is still present, but will do that in next days.
Regards
Edit: Checked! Issue is present in current final release too:
This happens after setting http/https ports to any other value than default.
So following the SC advise causes Cloud VM stop working!
Well done, QNAP! </irony>
You do not have the required permissions to view the files attached to this post.
Last edited by FSC830 on Mon Sep 26, 2022 5:10 pm, edited 1 time in total.
A raid is never a substitute for backup! Never!
Deadbolt - READ 1st post!!!
Deadbolt - information
Deadbolt - find your OP_RETURN!
VPN=VPN? No!
How to clean up your NAS after malware attack
www.raidisnotabackup.com
Deadbolt - READ 1st post!!!
Deadbolt - information
Deadbolt - find your OP_RETURN!
VPN=VPN? No!
How to clean up your NAS after malware attack
www.raidisnotabackup.com
-
- New here
- Posts: 5
- Joined: Mon May 27, 2013 11:48 pm
Re: Security Counselor Report
Ok guys, I understand the concept, I will immediately exclude QNAP from the internet entirely, unfortunately. Thanks for the advices
-
- Starting out
- Posts: 15
- Joined: Fri Nov 27, 2020 10:53 pm
Re: Security Counselor Report
That's sadly correct as far as I know. At least for QTS hero 5.0 and QTS 5.0 changing GUI ports will stop QTS cloud VMs finding their license.
I haven't checked QTS 5.0.1 so far, too.