Copy Allow/Deny list to additional NAS

Q'center app, Helpdesk app
Locked
RMHud
New here
Posts: 3
Joined: Sat Oct 03, 2020 5:18 am

Copy Allow/Deny list to additional NAS

Post by RMHud »

Greetings,

I have a TS-451+ that, due to massive Bot-net attacks in the last few months, I have built a huge Allow/Deny list (well, actually a Deny List) as well as maintaining a database of all attacks. I am about to set up another QNAP NAS (TS-328) and am wondering if there is any possibility of copying my previous work to the new box (both running QTS 5.0.1.2194) or otherwise porting my database (currently in a spreadsheet). I am not looking forward to having to hand-thump 682 IP addresses/nets into the new box if I can avoid it.

Thanks
--Ron Hudspeth--
User avatar
dolbyman
Guru
Posts: 35021
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Copy Allow/Deny list to additional NAS

Post by dolbyman »

The NAS should not be in the open web to begin with, so remove them from WAN and be safe

You cannot block all malware IP's and the next exploit does not get denied .. it infects your NAS without warning or defense !
dosborne
Experience counts
Posts: 1791
Joined: Tue May 29, 2018 3:02 am
Location: Ottawa, Ontario, Canada

Re: Copy Allow/Deny list to additional NAS

Post by dosborne »

There is zero value in blocking IP addresses. It is extremely easy for an attacker to use multiple addresses, from too varied a selection. Attacks these days are just some guy sitting in the basement, they are sophisticated business or state entities with access to all kinds of resources.

The only value would be in white listing systems you want to allow allow from / to and denying everything else.
QNAP TS-563-16G 5x10TB Seagate Ironwolf HDD Raid-5 NIC: 2x1GB 1x10GbE
QNAP TS-231P-US 2x18TB Seagate Exos HDD Raid-1
[Deadbolt and General Ransomware Detection, Prevention, Recovery & MORE]
User avatar
OneCD
Guru
Posts: 12038
Joined: Sun Aug 21, 2016 10:48 am
Location: "... there, behind that sofa!"

Re: Copy Allow/Deny list to additional NAS

Post by OneCD »

RMHud wrote: Wed Nov 02, 2022 1:57 am ... I have built a huge Allow/Deny list (well, actually a Deny List) as well as maintaining a database of all attacks. I am about to set up another QNAP NAS (TS-328) and am wondering if there is any possibility of copying my previous work to the new box (both running QTS 5.0.1.2194) ...
Blocked IP addresses are stored in /etc/config/ipsec_deny.conf

Copy this file to your new NAS.

ImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImage
RMHud
New here
Posts: 3
Joined: Sat Oct 03, 2020 5:18 am

Re: Copy Allow/Deny list to additional NAS

Post by RMHud »

OneCD wrote: Wed Nov 02, 2022 3:27 am
RMHud wrote: Wed Nov 02, 2022 1:57 am ... is any possibility of copying my previous work to the new box (both running QTS 5.0.1.2194) ...
Blocked IP addresses are stored in /etc/config/ipsec_deny.conf

Copy this file to your new NAS.
OneCD

Thank you for actually answering the question and not opining on "best practices"

RMHud
User avatar
dolbyman
Guru
Posts: 35021
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Copy Allow/Deny list to additional NAS

Post by dolbyman »

'Opining'?.. we will wait for your post in one of the malware threads :lol:

Some people need to get burned to wake up

Problem solved>Topic closed
Locked

Return to “NAS Management”