Security and Remote Access

Post your questions about myQNAPcloud service here.
Post Reply
Radasaurus
Starting out
Posts: 11
Joined: Wed Jun 16, 2021 10:03 pm

Security and Remote Access

Post by Radasaurus »

Hi folks....

I'm clearly a novice to this stuff, so my apologies in advance for asking what will likely sound like idiotic questions. Here goes:

I installed QuFirewall and noticed I'm getting literally 80-100+ attacks on my Nas from outside IP addresses. I have installed and use very regularly myQnapCloud.com to access my NAS remotely when I'm away and although I received a lot of warnings before about attacks from the NAS itself before, it never sunk in how dangerous this may be until I installed QuFirewall. That app is great because unlike the Qnap which only blocks those ip's for 5 minutes, the QuFirewall blocks the intruders permanently. As an extra precaution I only use the MyQnapCloud.com site to access it remotely and I purchased the SSL from them also so I think I'm locked up about as tight as I can get, right?

Unfortunately in reading the posts on this forum, I'm getting paranoid again because i have unPnp on my router (necessary for the remote Myqnapcloud link thing to work) and have permitted most of all of the services
services open.JPG
except the Qvpn and virtualization servers (never been able to figure out how or why to use the QVPN thing anyway).

Anyone have any idea why all the attacks and if that's normal? I know the ssh is a touchy thing but I've lost access to my nas because of stupid things I've done and the only way I was able to fix it was by opening an ssh shell and fixing it using command line repairs (usually it has always been I've screwed up the IP address assignment, so no just leave that to the DHCP on my router to assign). Its a last resort thing I want to always have open to use.

Thanks in advance, all!
You do not have the required permissions to view the files attached to this post.
User avatar
dolbyman
Guru
Posts: 34903
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Security and Remote Access

Post by dolbyman »

Read all those recent (and older) threads about where people got their NAS hacked and data held for ransom

NEVER EVER expose your NAS to WAN for remote access .. remove access asap or you could be victim of current or future attacks
User avatar
OneCD
Guru
Posts: 12010
Joined: Sun Aug 21, 2016 10:48 am
Location: "... there, behind that sofa!"

Re: Security and Remote Access

Post by OneCD »

Radasaurus wrote: Wed Jun 16, 2021 10:58 pm Unfortunately in reading the posts on this forum, I'm getting paranoid again because i have unPnp on my router (necessary for the remote Myqnapcloud link thing to work) and have permitted most of all of the services
Using the UPnP service in your router is a bad idea. And the myQNAPcloud Link service doesn't need to forward ports on your router anyway. The original myQNAPcloud service does require forwarded ports, but the new "Link" version does not.

Disable UPnP in the router and remove any port-forwards (in the router) pointing to your NAS.

When you're "outside" your LAN, only access your LAN via a VPN instance. If your router can operate as a VPN server - great! :)

ImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImage
Radasaurus
Starting out
Posts: 11
Joined: Wed Jun 16, 2021 10:03 pm

Re: Security and Remote Access

Post by Radasaurus »

Wow... didn't even know. I closed up the unpnp and checked to see if the apps and links could still connect. They can!

Crazy that they make it seem like you must port forward when you go through the app. Thanks for that! Will see if the attacks stop now......
User avatar
dolbyman
Guru
Posts: 34903
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Security and Remote Access

Post by dolbyman »

cloudlink would be the only thing making your nas reachable

if it is still reachable without cloudlink..it is still exposed (manual port forwards)
User avatar
spile
Been there, done that
Posts: 637
Joined: Tue May 24, 2016 12:13 am

Re: Security and Remote Access

Post by spile »

Radasaurus wrote: Tue Jun 22, 2021 10:28 am Wow... didn't even know. I closed up the unpnp and checked to see if the apps and links could still connect. They can!

Crazy that they make it seem like you must port forward when you go through the app. Thanks for that! Will see if the attacks stop now......
ShieldsUp will help identify any open ports and level of exposure
https://www.grc.com
Radasaurus
Starting out
Posts: 11
Joined: Wed Jun 16, 2021 10:03 pm

Re: Security and Remote Access

Post by Radasaurus »

I went to grc.com and no exposures!!! Thanks everyone!

The attacks continue but I’m locked down as tight as I can be right now. I have to figure out the vpn thing but no unpnp anymore, qnap firewall installed and blocking ips that attempt to hit my nas, so I think Im good.

The only other thing I was thinking is to permit ONLY access thru the firewall for myqnapcloud.com (restrict access to only that sites in address) but couldn’t figure out how to do that.
User avatar
dolbyman
Guru
Posts: 34903
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Security and Remote Access

Post by dolbyman »

without portforwards and upnp there should be nothing "hitting" your NAS ..something is still forwarding to your NAS
Radasaurus
Starting out
Posts: 11
Joined: Wed Jun 16, 2021 10:03 pm

Re: Security and Remote Access

Post by Radasaurus »

I don’t know what it could possibly be. I don’t have anything but myqnapcloud.com connecting to it, I purchased SSL and made all services private. And yet I get these every hour or so:
7D28CB1D-898B-487B-8115-BC37B4383975.jpeg
Any idea what is causing so many attacks?

dolbyman wrote: Thu Jun 24, 2021 9:38 pm without portforwards and upnp there should be nothing "hitting" your NAS ..something is still forwarding to your NAS
You do not have the required permissions to view the files attached to this post.
User avatar
dolbyman
Guru
Posts: 34903
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Security and Remote Access

Post by dolbyman »

unless you are using cloudlink, qnapcloud is just a ddns service that will need portforwards to expose your nas to wan

ssl encryption will do nothing to protect your nas
Radasaurus
Starting out
Posts: 11
Joined: Wed Jun 16, 2021 10:03 pm

Re: Security and Remote Access

Post by Radasaurus »

I'm using cloudlink on the nas and it connects to the myqnapcloud.com website. That is the only way I access my nas - I tried ddns and it was a pain In the **.

Thanks!
Post Reply

Return to “myQNAPcloud service”