Hacking Attempt
-
- Starting out
- Posts: 43
- Joined: Fri Jul 10, 2015 8:33 pm
Hacking Attempt
I had a hack attempt on my NAS - about 1000 lines like this in the log. They all failed.
259153 Warning 5/1/2017 16:29:56 admin 91.67.185.35 --- HTTP Administration Login Fail
I have port 8080 forwarded on my router to the QNAP NAS.
I have Qsync enabled for devices outside my network to use Qsync
Is the hacking just related to someone scanning port 8080 and seeing it's open?
Should I be setting the Qsync to a secure connection instead or would it not make any difference in terms of ease of hacking.
259153 Warning 5/1/2017 16:29:56 admin 91.67.185.35 --- HTTP Administration Login Fail
I have port 8080 forwarded on my router to the QNAP NAS.
I have Qsync enabled for devices outside my network to use Qsync
Is the hacking just related to someone scanning port 8080 and seeing it's open?
Should I be setting the Qsync to a secure connection instead or would it not make any difference in terms of ease of hacking.
- dolbyman
- Guru
- Posts: 35274
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: Hacking Attempt
right now lots of people having their NAS systems hacked, so better to not expose your QNAP to the internet and use a VPN instead (preferably done by another device, e.g. router)
- OneCD
- Guru
- Posts: 12156
- Joined: Sun Aug 21, 2016 10:48 am
- Location: "... there, behind that sofa!"
Re: Hacking Attempt
No, they already know it's open - they're trying to brute-force your admin password.snorkel wrote:I had a hack attempt on my NAS - about 1000 lines like this in the log. They all failed.
...
I have port 8080 forwarded on my router to the QNAP NAS.
...
Is the hacking just related to someone scanning port 8080 and seeing it's open?
Totally agree with using a VPN. Close port 8080 in your router firewall immediately.
BTW: a whois for '91.67.185.35' shows:
You may want to send them an email.Responsible organisation: Vodafone Kabel Deutschland GmbH
Abuse contact info: abuse@kabeldeutschland.de
-
- Starting out
- Posts: 43
- Joined: Fri Jul 10, 2015 8:33 pm
Re: Hacking Attempt
How am I going to close port 8080 and allow for Qsync to work from the two off-site locations outside of our network? We have three separate offices with their own internet connection. No VPN between them.
Is there a more secure way of doing Qsync?
Is there a more secure way of doing Qsync?
- OneCD
- Guru
- Posts: 12156
- Joined: Sun Aug 21, 2016 10:48 am
- Location: "... there, behind that sofa!"
Re: Hacking Attempt
Maybe create a VPN between them, then?snorkel wrote:We have three separate offices with their own internet connection. No VPN between them.
I'm sure QSync is quite secure - as long as you're using HTTPS instead of HTTP to establish the connection.snorkel wrote:Is there a more secure way of doing Qsync?
But that's not the problem. Any port you expose can be hammered with login requests. Given enough time or luck, they will get in. So, suggest you use some form of IP banning. If your router supports this, then use it.
If not, your NAS has a basic IP banning system built-in. This can be found in the QTS Control Panel -> System Settings -> Security -> Network Access Protection tab. Enable it, and tick the checkbox for HTTP(S).
- Don
- Guru
- Posts: 12289
- Joined: Thu Jan 03, 2008 4:56 am
- Location: Long Island, New York
Re: Hacking Attempt
Set up a vpn between sites.
Use the forum search feature before posting.
Use RAID and external backups. RAID will protect you from disk failure, keep your system running, and data accessible while the disk is replaced, and the RAID rebuilt. Backups will allow you to recover data that is lost or corrupted, or from system failure. One does not replace the other.
NAS: TVS-882BR | F/W: 5.0.1.2346 | 40GB | 2 x 1TB M.2 SATA RAID 1 (System/VMs) | 3 x 1TB M.2 NMVe QM2-4P-384A RAID 5 (cache) | 5 x 14TB Exos HDD RAID 6 (Data) | 1 x Blu-ray
NAS: TVS-h674 | F/W: 5.0.1.2376 | 16GB | 3 x 18TB RAID 5
Apps: DNSMasq, PLEX, iDrive, QVPN, QLMS, MP3fs, HBS3, Entware, DLstation, VS, +
Use RAID and external backups. RAID will protect you from disk failure, keep your system running, and data accessible while the disk is replaced, and the RAID rebuilt. Backups will allow you to recover data that is lost or corrupted, or from system failure. One does not replace the other.
NAS: TVS-882BR | F/W: 5.0.1.2346 | 40GB | 2 x 1TB M.2 SATA RAID 1 (System/VMs) | 3 x 1TB M.2 NMVe QM2-4P-384A RAID 5 (cache) | 5 x 14TB Exos HDD RAID 6 (Data) | 1 x Blu-ray
NAS: TVS-h674 | F/W: 5.0.1.2376 | 16GB | 3 x 18TB RAID 5
Apps: DNSMasq, PLEX, iDrive, QVPN, QLMS, MP3fs, HBS3, Entware, DLstation, VS, +
-
- Starting out
- Posts: 43
- Joined: Fri Jul 10, 2015 8:33 pm
Re: Hacking Attempt
Ok, thanks for the advice about the IP banning setting. I just set that. Should make it less "fun" for anyone wanting to keep cracking at it.
I could set up a VPN from the two sites that have Qsync users to the main office that houses the NAS. However.............
if users took their PCs home they would not be part of the office network any longer where the site to site VPN would allow qsync to work.
It's always security level vs. inconvenience level.
I could set up a VPN from the two sites that have Qsync users to the main office that houses the NAS. However.............
if users took their PCs home they would not be part of the office network any longer where the site to site VPN would allow qsync to work.
It's always security level vs. inconvenience level.
- Don
- Guru
- Posts: 12289
- Joined: Thu Jan 03, 2008 4:56 am
- Location: Long Island, New York
Re: Hacking Attempt
They can still set up a VPN from their PC to either the office router or NAS itself.snorkel wrote:Ok, thanks for the advice about the IP banning setting. I just set that. Should make it less "fun" for anyone wanting to keep cracking at it.
I could set up a VPN from the two sites that have Qsync users to the main office that houses the NAS. However.............
if users took their PCs home they would not be part of the office network any longer where the site to site VPN would allow qsync to work.
It's always security level vs. inconvenience level.
Use the forum search feature before posting.
Use RAID and external backups. RAID will protect you from disk failure, keep your system running, and data accessible while the disk is replaced, and the RAID rebuilt. Backups will allow you to recover data that is lost or corrupted, or from system failure. One does not replace the other.
NAS: TVS-882BR | F/W: 5.0.1.2346 | 40GB | 2 x 1TB M.2 SATA RAID 1 (System/VMs) | 3 x 1TB M.2 NMVe QM2-4P-384A RAID 5 (cache) | 5 x 14TB Exos HDD RAID 6 (Data) | 1 x Blu-ray
NAS: TVS-h674 | F/W: 5.0.1.2376 | 16GB | 3 x 18TB RAID 5
Apps: DNSMasq, PLEX, iDrive, QVPN, QLMS, MP3fs, HBS3, Entware, DLstation, VS, +
Use RAID and external backups. RAID will protect you from disk failure, keep your system running, and data accessible while the disk is replaced, and the RAID rebuilt. Backups will allow you to recover data that is lost or corrupted, or from system failure. One does not replace the other.
NAS: TVS-882BR | F/W: 5.0.1.2346 | 40GB | 2 x 1TB M.2 SATA RAID 1 (System/VMs) | 3 x 1TB M.2 NMVe QM2-4P-384A RAID 5 (cache) | 5 x 14TB Exos HDD RAID 6 (Data) | 1 x Blu-ray
NAS: TVS-h674 | F/W: 5.0.1.2376 | 16GB | 3 x 18TB RAID 5
Apps: DNSMasq, PLEX, iDrive, QVPN, QLMS, MP3fs, HBS3, Entware, DLstation, VS, +
-
- Starting out
- Posts: 43
- Joined: Fri Jul 10, 2015 8:33 pm
Re: Hacking Attempt
Yes, I had thought of this - a VPN from their computer to the other router or the NAS, but.................
They need to periodically connect to another PPTP VPN in order to remotely manage a Windows workstation via RDP that controls a heating/air conditioning system. And I thought that you can't have two VPNs going at the same time.
But, i TOTALLY agree that VPN would allow me to close the hole in the firewall to cut off most of the hacking attempts.
They need to periodically connect to another PPTP VPN in order to remotely manage a Windows workstation via RDP that controls a heating/air conditioning system. And I thought that you can't have two VPNs going at the same time.
But, i TOTALLY agree that VPN would allow me to close the hole in the firewall to cut off most of the hacking attempts.
- dolbyman
- Guru
- Posts: 35274
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: Hacking Attempt
PPTP is a bit insecure, so using it from a public wifi might be a bad idea (someone could snoop and cloudcrack your credentials) , I would switch over your VPN to OpenVPN or IPSEC.
But other than that you should be able to connect to your PPTP server with more than one client at a time
But other than that you should be able to connect to your PPTP server with more than one client at a time
-
- Starting out
- Posts: 43
- Joined: Fri Jul 10, 2015 8:33 pm
Re: Hacking Attempt
I think for casual use, PPTP is still ok. We're not talking about super secret information. I'll look into being able to run two VPNs at the same time. Thanks for all the replies.
-
- New here
- Posts: 9
- Joined: Mon Sep 12, 2016 2:39 pm
Re: Hacking Attempt
Hi,
I tried to connect two QNAP with VPN PPTP. It work, the QNAP client is connected to the server but I can't communicat with. Which rules I have to add in my firewall to work ?
Thank's in advance.
Sol-Info
I tried to connect two QNAP with VPN PPTP. It work, the QNAP client is connected to the server but I can't communicat with. Which rules I have to add in my firewall to work ?
Thank's in advance.
Sol-Info
-
- New here
- Posts: 8
- Joined: Sat Dec 30, 2017 2:14 am
Re: Hacking Attempt
My solution to that was Oracle VM VirtualBox, setup the second VPN within that VM so that the main system is not affected, and the (infrequently used) VM can be spun up/state saved when needed.snorkel wrote:They need to periodically connect to another PPTP VPN in order to remotely manage a Windows workstation via RDP that controls a heating/air conditioning system.
It saves my main machine going all Arabic on me, as the VPN connects via the UAE and my point of presence suddenly moves there and everything "helpfully" gets set to the local language.
PAul