FEATURE REQUEST: Progressive IP blocking duration

Tell us your most wanted features from QNAP products.
Locked
newtom80
First post
Posts: 1
Joined: Thu Apr 22, 2021 4:11 am

FEATURE REQUEST: Progressive IP blocking duration

Post by newtom80 » Thu Apr 22, 2021 4:34 am

Hello,

I am a happy user of a TS-351. I am running an FTP server on my NAS, which is recurringly attacked by hackers, as the log states. Although under Control Panel -> System -> Security -> IP Access Protection there is a possibility to block IP addresses from where failed login attempts happened, I am pretty much bothered by overflowing log messages generated by the same attacker every 5 minutes. At the same time, I do not want to blocking time much higher, since I do not want to be blocked for too long in the case that I mistype the password while trying to connect to my home FTP server from somewhere else.

I would favor a solution, where (apart from the current 5, 10, 20, 30, 100 minutes choices) I'd have an option to set up a progressive IP blocking duration. Meaning:

- on the 1st failed attempt the IP gets blocked for 1 minute,
- on the 2nd -> 10 minutes,
- on the 3rd -> 60 minutes,
- on the 4th -> 24 hours,
- on the 5th -> move to blacklist.

I believe this would reduce the amount of log entries and increase security of the system.

Thanks,
Tamas

elvisimprsntr
Easy as a breeze
Posts: 375
Joined: Thu Apr 06, 2017 6:07 am

FEATURE REQUEST: Progressive IP blocking duration

Post by elvisimprsntr » Thu Apr 22, 2021 4:45 am

QNAP support doesn’t read this forum.

How about disconnecting the NAS from your WAN? Problem solved.

FTP is insecure. Use a VPN
[Hourly] TS-453A-16G, TrueNAS-CORE, R5x4x2TB Seagate ST2000VN00?, Crucial CT2KIT102464BF160B
[Daily] Google Drive
[Daily] TS-253A-16G, TrueNAS-CORE, R1x2x4TB Seagate ST4000VN008, Crucial CT2KIT102464BF160B
[Weekly] USB3, 1x4TB Seagate STDR4000901, 45 min fire rated safe
[WAN1] ATT Fiber
[WAN2] SpeedTalk SIM in Netgear LTE Modem
[Firewall] pfSense on Protectli
[WLAN] OpenWRT on Linksys WRT3200ACM
[UPS] APC Back-UPS BX1500G

elvisimprsntr
Easy as a breeze
Posts: 375
Joined: Thu Apr 06, 2017 6:07 am

FEATURE REQUEST: Progressive IP blocking duration

Post by elvisimprsntr » Thu Apr 22, 2021 4:32 pm

Step up to enterprise class firewall software https://pfsense.org running on an appliance from https://protectli.com

Then configure one of the VPN options built in to pfsense. IPSec is one of the options.
[Hourly] TS-453A-16G, TrueNAS-CORE, R5x4x2TB Seagate ST2000VN00?, Crucial CT2KIT102464BF160B
[Daily] Google Drive
[Daily] TS-253A-16G, TrueNAS-CORE, R1x2x4TB Seagate ST4000VN008, Crucial CT2KIT102464BF160B
[Weekly] USB3, 1x4TB Seagate STDR4000901, 45 min fire rated safe
[WAN1] ATT Fiber
[WAN2] SpeedTalk SIM in Netgear LTE Modem
[Firewall] pfSense on Protectli
[WLAN] OpenWRT on Linksys WRT3200ACM
[UPS] APC Back-UPS BX1500G

EvilMastermindG
New here
Posts: 2
Joined: Fri May 14, 2021 5:29 am

Re: FEATURE REQUEST: Progressive IP blocking duration

Post by EvilMastermindG » Fri May 14, 2021 5:50 am

Agree with the sentiment expressed.

1. Do not run FTP. Ever. Unless you really know what you're doing and how to really secure it. Based on OP's statement about the logs, OP does not at the time of their post know how to properly secure it.
2. Do NOT open ports in your NAT router to the internet to direct traffic at your NAS. Do not EVER do this.
3. If outside access is required, set up a VPN service from which clients can make a secure, authenticated, encrypted connection to your public ip, and then authorized clients connect via that before traffic even hits the NAS.
4. Turn OFF UpNP on your NAS, and also turn it OFF on your internet NAT router. In fact, turn it OFF everywhere.

User avatar
Toxic17
Ask me anything
Posts: 5702
Joined: Tue Jan 25, 2011 11:41 pm
Location: Planet Earth
Contact:

Re: FEATURE REQUEST: Progressive IP blocking duration

Post by Toxic17 » Tue May 18, 2021 9:17 pm

Regards Simon

QTS 4.x User Guidex

QNAP Club Repository
Submit a ticket • QNAP Helpdesk
QNAP Tutorials, User Manuals, FAQs, Downloads, Wiki
When you ask a question, please include the following


NAS: TS-473-32GB QM2-2P QXG-10G1T 4.5.3.1652 • TVS-463-16GB 4.5.3.1652 QM2-2S10G1TB • TS-459 Pro 2GB 4.2.6 • TS-121 4.3.3.1624 • APC Back-UPS ES 700G
Network: VM Hub3 • UniFi UDM Pro 1.10-0.9 • Controller: 6.2.23 • UniFi US-16-150W/US-8-60W 5.60.3 • USW Mini Flex 1.8.4 • UniFi G3-Flex • AP: AC Pro 5.60.3 • U6-LR 5.60.3

Locked

Return to “Features Wanted”