Firmware update from 4.3.4 to 4.3.6.0959 safe?

Discussion on setting up QNAP NAS products.
Post Reply
mlevin77
Know my way around
Posts: 236
Joined: Wed Jan 08, 2014 3:53 am
Contact:

Firmware update from 4.3.4 to 4.3.6.0959 safe?

Post by mlevin77 »

I'm running a TS-879Pro in a home environment (behind a Comcast router). I've been advised by QNAP techs to update from 4.3.4 to 4.3.6.0959. Right now everything works; I'm worried that stuff will break after the update, as sometimes happens. Questions: 1) is it advisable to update (is there anything important, like security holes that can be exploited even though I'm behind a router, that are in this update? and 2) is 4.3.6.0959 considered pretty safe - are there any big known problems with it?
-----
TS-879Pro (firmware 4.2.0, 8 hard drives in a RAID6, accessed from Apple machines)
User avatar
Toxic17
Ask me anything
Posts: 6469
Joined: Tue Jan 25, 2011 11:41 pm
Location: Planet Earth
Contact:

Re: Firmware update from 4.3.4 to 4.3.6.0959 safe?

Post by Toxic17 »

With all updates there does come risk. with outdated firmware there does come risk too.

check the Security Advisory page: https://www.qnap.com/en-us/security-advisory

check here for any issues that users have found regarding the said firmware: viewtopic.php?f=142&t=148857

before updating, reboot your NAS first. then apply the update afterwards as a minimum precaution. you could also disable/stop ALL apps in app center prior to upgrading firmware.

4.3.6.0959 is marked as stable firmware. but we know that sometimes that does not mean it comes with its own flaws.
Regards Simon

Qnap Downloads
MyQNap.Org Repository
Submit a ticket • QNAP Helpdesk
QNAP Tutorials, User Manuals, FAQs, Downloads, Wiki
When you ask a question, please include the following


NAS: TS-673A QuTS hero h5.1.2.2534 • TS-121 4.3.3.2420 • APC Back-UPS ES 700G
Network: VM Hub3: 500/50 • UniFi UDM Pro: 3.2.9 • UniFi Network Controller: 8.0.28
USW-Aggregation: 6.6.61 • US-16-150W: 6.6.61 • 2x USW Mini Flex 2.0.0 • UniFi AC Pro 6.6.62 • UniFi U6-LR 6.6.62
UniFi Protect: 2.11.21/8TB Skyhawk AI • 3x G3 Instants: 4.69.55 • UniFi G3 Flex: 4.69.55 • UniFi G5 Flex: 4.69.55
mlevin77
Know my way around
Posts: 236
Joined: Wed Jan 08, 2014 3:53 am
Contact:

Re: Firmware update from 4.3.4 to 4.3.6.0959 safe?

Post by mlevin77 »

Thanks! Updated; so far so good.
-----
TS-879Pro (firmware 4.2.0, 8 hard drives in a RAID6, accessed from Apple machines)
User avatar
Moogle Stiltzkin
Guru
Posts: 11448
Joined: Thu Dec 04, 2008 12:21 am
Location: Around the world....
Contact:

Re: Firmware update from 4.3.4 to 4.3.6.0959 safe?

Post by Moogle Stiltzkin »

if you are worried about breaks, always check the forum for similar threads but for the latest STABLE firmware
viewtopic.php?f=142&t=148857


check the comments see what others say about it.

most of us wait a week or a month before updating. probably update sooner if there is a critical risk patch for the firmware.
https://www.qnap.com/en-us/security-advisory


it's always best to stay on the latest stable firmware than an old outdated firmware.


and ALWAYS keep backups. Especially when you are just about to update firmware, make sure you have a fresh backup.


From time to time a newer firmware may botch something, that is why we check the forum threads FIRST before updating.

As long as you follow the golden rules you can avoid the ISSUES that arise from updating to a new firmware (most of the time. a lot of us got hit by that raid bug that one time, because it remained undiscovered for a couple of months, but good thing i didn't do a a raid rebuild in that duration so i dodged a bullet). It's still better than going cold turkey, cause with that logic you may as well never update your windows (because they have bad updates too every now and then), but you are bound to get hit if you did that.

It's not just your QNAP QTS you need to update regularly, don't forget to update your router firmware.... your client devices on your network (your pcs, laptops, smartphones) windows, android etc etc.... :)


these are some of the previous vulnerabilities, where it didn't matter if you were behind a router, you still could get hit


Wannacry (@1:30 you get hit by smb vulnerability )
https://www.youtube.com/watch?v=etPizFNPupk

VPNFilter (router compromised vulnerability)
https://www.youtube.com/watch?v=VmIjucsNOPQ


that said, sometimes there is a valid reason to remain on a downgraded not latest firmware. these are instances where you know the latest firmware has some issue where updating is not a good idea. and usually these kinds of situations you'd only be 1-2 firmwares behind (stable but slightly outdated). not dozens :S and these older firmware should NOT have any critical security issues that are unpatched ideally (refer to the security bulletin to figure that out). And this is usually a temporary measure until qnap releases a better stable firmware for you to update to.
Last edited by Moogle Stiltzkin on Sun Jun 16, 2019 4:24 am, edited 1 time in total.
NAS
[Main Server] QNAP TS-877 (QTS) w. 4tb [ 3x HGST Deskstar NAS & 1x WD RED NAS ] EXT4 Raid5 & 2 x m.2 SATA Samsung 850 Evo raid1 +16gb ddr4 Crucial+ QWA-AC2600 wireless+QXP PCIE
[Backup] QNAP TS-653A (Truenas Core) w. 4x 2TB Samsung F3 (HD203WI) RaidZ1 ZFS + 8gb ddr3 Crucial
[^] QNAP TL-D400S 2x 4TB WD Red Nas (WD40EFRX) 2x 4TB Seagate Ironwolf, Raid5
[^] QNAP TS-509 Pro w. 4x 1TB WD RE3 (WD1002FBYS) EXT4 Raid5
[^] QNAP TS-253D (Truenas Scale)
[Mobile NAS] TBS-453DX w. 2x Crucial MX500 500gb EXT4 raid1

Network
Qotom Pfsense|100mbps FTTH | Win11, Ryzen 5600X Desktop (1x2tb Crucial P50 Plus M.2 SSD, 1x 8tb seagate Ironwolf,1x 4tb HGST Ultrastar 7K4000)


Resources
[Review] Moogle's QNAP experience
[Review] Moogle's TS-877 review
https://www.patreon.com/mooglestiltzkin
mlevin77
Know my way around
Posts: 236
Joined: Wed Jan 08, 2014 3:53 am
Contact:

Re: Firmware update from 4.3.4 to 4.3.6.0959 safe?

Post by mlevin77 »

got it, thank you all!

Re. the backups though, I'm using my 16 TB QNAP basically as a backup for a bunch of other machines. I don't have anywhere else with enough storage to back up the back up. Do people have 2 identical ones to swap, for such purposes, or how do they back up what I thought was a large-storage kind of device?
-----
TS-879Pro (firmware 4.2.0, 8 hard drives in a RAID6, accessed from Apple machines)
User avatar
Moogle Stiltzkin
Guru
Posts: 11448
Joined: Thu Dec 04, 2008 12:21 am
Location: Around the world....
Contact:

Re: Firmware update from 4.3.4 to 4.3.6.0959 safe?

Post by Moogle Stiltzkin »

mlevin77 wrote: Sun Jun 16, 2019 4:23 am got it, thank you all!

Re. the backups though, I'm using my 16 TB QNAP basically as a backup for a bunch of other machines. I don't have anywhere else with enough storage to back up the back up. Do people have 2 identical ones to swap, for such purposes, or how do they back up what I thought was a large-storage kind of device?
a backup is data stored on 2 different storage devices (minimum). 2 local backups (2 separate storage devices) + 1 offsite is ideal.

So if those "bunch of other machines" go kapoot, then you get the backup from the qnap. Then if the qnap goes kapoot, then you get your backup from those "bunch of other machines".

data retrieval has to work both ways for it to be an effective backup.

if it's inpractical to recover from those "bunch of other machines" you could instead opt to get a 2nd qnap to be the backup for the main QNAP. And it would work vise versa in any recovery/backup situation. other options is cloud backup or an external usb storage device.

Just an example of an external usb storage is the QNAP tr-004. It's cheaper than a full blown NAS, and can be used as a local backup solution.
https://nascompares.com/qnap-tr-004-nas ... on-review/
https://www.thestreamingblog.com/qnap-t ... re-review/


cloud storage backup providers for 16tb is a bit pricey..... :S thats why i opted for my own backup which i felt was cheaper in the long run. cloud storage providers tend to cater to the less than 1-2tb crowd, and usually make it hard for NAS users to use their service, or even if they did made the pricing unappealing to most regular users.

personally i'm using 2 qnaps. 1 is my main NAS on 24/7, the other is a backup i only turn on for doing backups or recovery. the native qnap app hybrid backup sync is what i use :)


so no, a standalone NAS even with RAID 1/5/6 does not count as a backup. A backup is 2 storage devices as mentioned :) raid is still useful though for both redundancy and also parity (checksum error fixing). And if raid5 1 drive or raid6 2 drive fail, just replace them with new drives let it rebuild. Then you won't have to resort to a full recovery using backups since the raid rebuilt just fine (the backup is there as a fail safe.)
Image
NAS
[Main Server] QNAP TS-877 (QTS) w. 4tb [ 3x HGST Deskstar NAS & 1x WD RED NAS ] EXT4 Raid5 & 2 x m.2 SATA Samsung 850 Evo raid1 +16gb ddr4 Crucial+ QWA-AC2600 wireless+QXP PCIE
[Backup] QNAP TS-653A (Truenas Core) w. 4x 2TB Samsung F3 (HD203WI) RaidZ1 ZFS + 8gb ddr3 Crucial
[^] QNAP TL-D400S 2x 4TB WD Red Nas (WD40EFRX) 2x 4TB Seagate Ironwolf, Raid5
[^] QNAP TS-509 Pro w. 4x 1TB WD RE3 (WD1002FBYS) EXT4 Raid5
[^] QNAP TS-253D (Truenas Scale)
[Mobile NAS] TBS-453DX w. 2x Crucial MX500 500gb EXT4 raid1

Network
Qotom Pfsense|100mbps FTTH | Win11, Ryzen 5600X Desktop (1x2tb Crucial P50 Plus M.2 SSD, 1x 8tb seagate Ironwolf,1x 4tb HGST Ultrastar 7K4000)


Resources
[Review] Moogle's QNAP experience
[Review] Moogle's TS-877 review
https://www.patreon.com/mooglestiltzkin
Post Reply

Return to “Turbo Station Installation & Setup”