Security and Remote Access
-
- Starting out
- Posts: 11
- Joined: Wed Jun 16, 2021 10:03 pm
Security and Remote Access
Hi folks....
I'm clearly a novice to this stuff, so my apologies in advance for asking what will likely sound like idiotic questions. Here goes:
I installed QuFirewall and noticed I'm getting literally 80-100+ attacks on my Nas from outside IP addresses. I have installed and use very regularly myQnapCloud.com to access my NAS remotely when I'm away and although I received a lot of warnings before about attacks from the NAS itself before, it never sunk in how dangerous this may be until I installed QuFirewall. That app is great because unlike the Qnap which only blocks those ip's for 5 minutes, the QuFirewall blocks the intruders permanently. As an extra precaution I only use the MyQnapCloud.com site to access it remotely and I purchased the SSL from them also so I think I'm locked up about as tight as I can get, right?
Unfortunately in reading the posts on this forum, I'm getting paranoid again because i have unPnp on my router (necessary for the remote Myqnapcloud link thing to work) and have permitted most of all of the services except the Qvpn and virtualization servers (never been able to figure out how or why to use the QVPN thing anyway).
Anyone have any idea why all the attacks and if that's normal? I know the ssh is a touchy thing but I've lost access to my nas because of stupid things I've done and the only way I was able to fix it was by opening an ssh shell and fixing it using command line repairs (usually it has always been I've screwed up the IP address assignment, so no just leave that to the DHCP on my router to assign). Its a last resort thing I want to always have open to use.
Thanks in advance, all!
I'm clearly a novice to this stuff, so my apologies in advance for asking what will likely sound like idiotic questions. Here goes:
I installed QuFirewall and noticed I'm getting literally 80-100+ attacks on my Nas from outside IP addresses. I have installed and use very regularly myQnapCloud.com to access my NAS remotely when I'm away and although I received a lot of warnings before about attacks from the NAS itself before, it never sunk in how dangerous this may be until I installed QuFirewall. That app is great because unlike the Qnap which only blocks those ip's for 5 minutes, the QuFirewall blocks the intruders permanently. As an extra precaution I only use the MyQnapCloud.com site to access it remotely and I purchased the SSL from them also so I think I'm locked up about as tight as I can get, right?
Unfortunately in reading the posts on this forum, I'm getting paranoid again because i have unPnp on my router (necessary for the remote Myqnapcloud link thing to work) and have permitted most of all of the services except the Qvpn and virtualization servers (never been able to figure out how or why to use the QVPN thing anyway).
Anyone have any idea why all the attacks and if that's normal? I know the ssh is a touchy thing but I've lost access to my nas because of stupid things I've done and the only way I was able to fix it was by opening an ssh shell and fixing it using command line repairs (usually it has always been I've screwed up the IP address assignment, so no just leave that to the DHCP on my router to assign). Its a last resort thing I want to always have open to use.
Thanks in advance, all!
You do not have the required permissions to view the files attached to this post.
- dolbyman
- Guru
- Posts: 35268
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: Security and Remote Access
Read all those recent (and older) threads about where people got their NAS hacked and data held for ransom
NEVER EVER expose your NAS to WAN for remote access .. remove access asap or you could be victim of current or future attacks
NEVER EVER expose your NAS to WAN for remote access .. remove access asap or you could be victim of current or future attacks
- OneCD
- Guru
- Posts: 12146
- Joined: Sun Aug 21, 2016 10:48 am
- Location: "... there, behind that sofa!"
Re: Security and Remote Access
Using the UPnP service in your router is a bad idea. And the myQNAPcloud Link service doesn't need to forward ports on your router anyway. The original myQNAPcloud service does require forwarded ports, but the new "Link" version does not.Radasaurus wrote: ↑Wed Jun 16, 2021 10:58 pm Unfortunately in reading the posts on this forum, I'm getting paranoid again because i have unPnp on my router (necessary for the remote Myqnapcloud link thing to work) and have permitted most of all of the services
Disable UPnP in the router and remove any port-forwards (in the router) pointing to your NAS.
When you're "outside" your LAN, only access your LAN via a VPN instance. If your router can operate as a VPN server - great!
-
- Starting out
- Posts: 11
- Joined: Wed Jun 16, 2021 10:03 pm
Re: Security and Remote Access
Wow... didn't even know. I closed up the unpnp and checked to see if the apps and links could still connect. They can!
Crazy that they make it seem like you must port forward when you go through the app. Thanks for that! Will see if the attacks stop now......
Crazy that they make it seem like you must port forward when you go through the app. Thanks for that! Will see if the attacks stop now......
- dolbyman
- Guru
- Posts: 35268
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: Security and Remote Access
cloudlink would be the only thing making your nas reachable
if it is still reachable without cloudlink..it is still exposed (manual port forwards)
if it is still reachable without cloudlink..it is still exposed (manual port forwards)
- spile
- Been there, done that
- Posts: 641
- Joined: Tue May 24, 2016 12:13 am
Re: Security and Remote Access
ShieldsUp will help identify any open ports and level of exposureRadasaurus wrote: ↑Tue Jun 22, 2021 10:28 am Wow... didn't even know. I closed up the unpnp and checked to see if the apps and links could still connect. They can!
Crazy that they make it seem like you must port forward when you go through the app. Thanks for that! Will see if the attacks stop now......
https://www.grc.com
-
- Starting out
- Posts: 11
- Joined: Wed Jun 16, 2021 10:03 pm
Re: Security and Remote Access
I went to grc.com and no exposures!!! Thanks everyone!
The attacks continue but I’m locked down as tight as I can be right now. I have to figure out the vpn thing but no unpnp anymore, qnap firewall installed and blocking ips that attempt to hit my nas, so I think Im good.
The only other thing I was thinking is to permit ONLY access thru the firewall for myqnapcloud.com (restrict access to only that sites in address) but couldn’t figure out how to do that.
The attacks continue but I’m locked down as tight as I can be right now. I have to figure out the vpn thing but no unpnp anymore, qnap firewall installed and blocking ips that attempt to hit my nas, so I think Im good.
The only other thing I was thinking is to permit ONLY access thru the firewall for myqnapcloud.com (restrict access to only that sites in address) but couldn’t figure out how to do that.
- dolbyman
- Guru
- Posts: 35268
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: Security and Remote Access
without portforwards and upnp there should be nothing "hitting" your NAS ..something is still forwarding to your NAS
-
- Starting out
- Posts: 11
- Joined: Wed Jun 16, 2021 10:03 pm
Re: Security and Remote Access
I don’t know what it could possibly be. I don’t have anything but myqnapcloud.com connecting to it, I purchased SSL and made all services private. And yet I get these every hour or so:
Any idea what is causing so many attacks?You do not have the required permissions to view the files attached to this post.
- dolbyman
- Guru
- Posts: 35268
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: Security and Remote Access
unless you are using cloudlink, qnapcloud is just a ddns service that will need portforwards to expose your nas to wan
ssl encryption will do nothing to protect your nas
ssl encryption will do nothing to protect your nas
-
- Starting out
- Posts: 11
- Joined: Wed Jun 16, 2021 10:03 pm
Re: Security and Remote Access
I'm using cloudlink on the nas and it connects to the myqnapcloud.com website. That is the only way I access my nas - I tried ddns and it was a pain In the **.
Thanks!
Thanks!