Copy Allow/Deny list to additional NAS

Q'center app, Helpdesk app
Locked
RMHud
New here
Posts: 3
Joined: Sat Oct 03, 2020 5:18 am

Copy Allow/Deny list to additional NAS

Post by RMHud » Wed Nov 02, 2022 1:57 am

Greetings,

I have a TS-451+ that, due to massive Bot-net attacks in the last few months, I have built a huge Allow/Deny list (well, actually a Deny List) as well as maintaining a database of all attacks. I am about to set up another QNAP NAS (TS-328) and am wondering if there is any possibility of copying my previous work to the new box (both running QTS 5.0.1.2194) or otherwise porting my database (currently in a spreadsheet). I am not looking forward to having to hand-thump 682 IP addresses/nets into the new box if I can avoid it.

Thanks
--Ron Hudspeth--

User avatar
dolbyman
Guru
Posts: 29470
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Copy Allow/Deny list to additional NAS

Post by dolbyman » Wed Nov 02, 2022 2:26 am

The NAS should not be in the open web to begin with, so remove them from WAN and be safe

You cannot block all malware IP's and the next exploit does not get denied .. it infects your NAS without warning or defense !

dosborne
Experience counts
Posts: 1068
Joined: Tue May 29, 2018 3:02 am

Re: Copy Allow/Deny list to additional NAS

Post by dosborne » Wed Nov 02, 2022 2:42 am

There is zero value in blocking IP addresses. It is extremely easy for an attacker to use multiple addresses, from too varied a selection. Attacks these days are just some guy sitting in the basement, they are sophisticated business or state entities with access to all kinds of resources.

The only value would be in white listing systems you want to allow allow from / to and denying everything else.
QNAP TS-563-16G 5x10TB Seagate Ironwolf HDD Raid-5 NIC: 2x1GB 1x10GbE
QNAP TS-231P-US 2x18TB Seagate Exos HDD Raid-1
[Deadbolt - Updated Information on Detection, Prevention, Recovery & MORE]
[Deadbolt - How to Reset your NAS]
[Deadbolt - Read your OP_RETURN key YOURSELF]

User avatar
OneCD
Guru
Posts: 10594
Joined: Sun Aug 21, 2016 10:48 am
Location: "... there, behind that sofa!"

Re: Copy Allow/Deny list to additional NAS

Post by OneCD » Wed Nov 02, 2022 3:27 am

RMHud wrote:
Wed Nov 02, 2022 1:57 am
... I have built a huge Allow/Deny list (well, actually a Deny List) as well as maintaining a database of all attacks. I am about to set up another QNAP NAS (TS-328) and am wondering if there is any possibility of copying my previous work to the new box (both running QTS 5.0.1.2194) ...
Blocked IP addresses are stored in /etc/config/ipsec_deny.conf

Copy this file to your new NAS.

ImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImage

RMHud
New here
Posts: 3
Joined: Sat Oct 03, 2020 5:18 am

Re: Copy Allow/Deny list to additional NAS

Post by RMHud » Wed Nov 02, 2022 4:33 am

OneCD wrote:
Wed Nov 02, 2022 3:27 am
RMHud wrote:
Wed Nov 02, 2022 1:57 am
... is any possibility of copying my previous work to the new box (both running QTS 5.0.1.2194) ...
Blocked IP addresses are stored in /etc/config/ipsec_deny.conf

Copy this file to your new NAS.
OneCD

Thank you for actually answering the question and not opining on "best practices"

RMHud

User avatar
dolbyman
Guru
Posts: 29470
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Copy Allow/Deny list to additional NAS

Post by dolbyman » Wed Nov 02, 2022 4:42 am

'Opining'?.. we will wait for your post in one of the malware threads :lol:

Some people need to get burned to wake up

Problem solved>Topic closed

Locked

Return to “NAS Management”