Greetings,
I have a TS-451+ that, due to massive Bot-net attacks in the last few months, I have built a huge Allow/Deny list (well, actually a Deny List) as well as maintaining a database of all attacks. I am about to set up another QNAP NAS (TS-328) and am wondering if there is any possibility of copying my previous work to the new box (both running QTS 5.0.1.2194) or otherwise porting my database (currently in a spreadsheet). I am not looking forward to having to hand-thump 682 IP addresses/nets into the new box if I can avoid it.
Thanks
--Ron Hudspeth--
Copy Allow/Deny list to additional NAS
- dolbyman
- Guru
- Posts: 35021
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: Copy Allow/Deny list to additional NAS
The NAS should not be in the open web to begin with, so remove them from WAN and be safe
You cannot block all malware IP's and the next exploit does not get denied .. it infects your NAS without warning or defense !
You cannot block all malware IP's and the next exploit does not get denied .. it infects your NAS without warning or defense !
-
- Experience counts
- Posts: 1791
- Joined: Tue May 29, 2018 3:02 am
- Location: Ottawa, Ontario, Canada
Re: Copy Allow/Deny list to additional NAS
There is zero value in blocking IP addresses. It is extremely easy for an attacker to use multiple addresses, from too varied a selection. Attacks these days are just some guy sitting in the basement, they are sophisticated business or state entities with access to all kinds of resources.
The only value would be in white listing systems you want to allow allow from / to and denying everything else.
The only value would be in white listing systems you want to allow allow from / to and denying everything else.
QNAP TS-563-16G 5x10TB Seagate Ironwolf HDD Raid-5 NIC: 2x1GB 1x10GbE
QNAP TS-231P-US 2x18TB Seagate Exos HDD Raid-1
[Deadbolt and General Ransomware Detection, Prevention, Recovery & MORE]
QNAP TS-231P-US 2x18TB Seagate Exos HDD Raid-1
[Deadbolt and General Ransomware Detection, Prevention, Recovery & MORE]
- OneCD
- Guru
- Posts: 12038
- Joined: Sun Aug 21, 2016 10:48 am
- Location: "... there, behind that sofa!"
Re: Copy Allow/Deny list to additional NAS
Blocked IP addresses are stored in /etc/config/ipsec_deny.confRMHud wrote: ↑Wed Nov 02, 2022 1:57 am ... I have built a huge Allow/Deny list (well, actually a Deny List) as well as maintaining a database of all attacks. I am about to set up another QNAP NAS (TS-328) and am wondering if there is any possibility of copying my previous work to the new box (both running QTS 5.0.1.2194) ...
Copy this file to your new NAS.
-
- New here
- Posts: 3
- Joined: Sat Oct 03, 2020 5:18 am
Re: Copy Allow/Deny list to additional NAS
OneCD
Thank you for actually answering the question and not opining on "best practices"
RMHud
- dolbyman
- Guru
- Posts: 35021
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: Copy Allow/Deny list to additional NAS
'Opining'?.. we will wait for your post in one of the malware threads
Some people need to get burned to wake up
Problem solved>Topic closed
Some people need to get burned to wake up
Problem solved>Topic closed