Disabling the deault admin

Q'center app, Helpdesk app
cghera
New here
Posts: 8
Joined: Sun Mar 28, 2021 4:35 pm

Disabling the deault admin

Post by cghera »

Hello,
I have a TS-431P3 NAS which I have registered on mycloud and enabled QTS Desktop. Recently I discovered multiple failed login tries from IP addresses which were not mine.
The NAS also disabled access after some tries temporary to the attacker IP address which finally stopped after more than 200 tries (probably used a script). I did not change the default password which is part of the MAC address of the machine, but for safety I created a new user which I made an admin and disabled the default admin account.
My questions are
1.In case of losing the alternate admin password will the reset button re-enable the default admin or it just resets the password to the default (which is already set)
2. Is there some action that cannot be done by an alternate account which has the admin privilege?
3. Is there any other option for furtherly securing my NAS from similar attacks, except of disabling the QTS Desktop completely?

I have Firmware version one version back from the latest. 4.5.2.1566
User avatar
dolbyman
Guru
Posts: 35032
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Disabling the deault admin

Post by dolbyman »

Dont bother disabling admin..get your NAS out of the web and those attacks will stop

Just look at the dozen threads with the same topic from last week (search)
cghera
New here
Posts: 8
Joined: Sun Mar 28, 2021 4:35 pm

Re: Disabling the deault admin

Post by cghera »

Thank you

I saw the other posts and took some action. I also saw the qnap suggestions on security.
User avatar
Xmantium
Been there, done that
Posts: 579
Joined: Fri Sep 03, 2010 3:55 am
Location: Manchester, England

Re: Disabling the deault admin

Post by Xmantium »

can someone give me step by step guide how to block external ip access to my QNAP

past 3 days i have had 1000 failed access all with different ip address
User avatar
dolbyman
Guru
Posts: 35032
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Disabling the deault admin

Post by dolbyman »

remove port forwarding on router
disable upnp on router
User avatar
Xmantium
Been there, done that
Posts: 579
Joined: Fri Sep 03, 2010 3:55 am
Location: Manchester, England

Re: Disabling the deault admin

Post by Xmantium »

is there not a way to block remote login?

im using apps that require internet access
User avatar
dolbyman
Guru
Posts: 35032
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Disabling the deault admin

Post by dolbyman »

the apps expose you to risks as they are poorly programmed

remove open access or suffer the consequences
User avatar
Xmantium
Been there, done that
Posts: 579
Joined: Fri Sep 03, 2010 3:55 am
Location: Manchester, England

Re: Disabling the deault admin

Post by Xmantium »

can someone please provide me a step by step guide to block external access

theres a bot trying to login every two mins with a different ip adresss
User avatar
dolbyman
Guru
Posts: 35032
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Disabling the deault admin

Post by dolbyman »

I just did...you did not disclose your router modell..how is there supposed to be any step by step help?(how about reading the router manual?)

right now you are just repeating yourself like a bot
User avatar
Xmantium
Been there, done that
Posts: 579
Joined: Fri Sep 03, 2010 3:55 am
Location: Manchester, England

Re: Disabling the deault admin

Post by Xmantium »

theres a way to do on qnap settings
User avatar
dolbyman
Guru
Posts: 35032
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Disabling the deault admin

Post by dolbyman »

auto router config can be disabled from the myqnapcloud menu

there is no way to remove manual port forwards via the NAS (as they are setup on the router)
User avatar
Xmantium
Been there, done that
Posts: 579
Joined: Fri Sep 03, 2010 3:55 am
Location: Manchester, England

Re: Disabling the deault admin

Post by Xmantium »

What about this option?

Blocks external ip
You do not have the required permissions to view the files attached to this post.
User avatar
dolbyman
Guru
Posts: 35032
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Disabling the deault admin

Post by dolbyman »

by that point they are already reaching your NAS .. prevent the router from forwarding traffic to your NAS
User avatar
Xmantium
Been there, done that
Posts: 579
Joined: Fri Sep 03, 2010 3:55 am
Location: Manchester, England

Re: Disabling the deault admin

Post by Xmantium »

Guys follow this guide - https://www.qnap.com/en/how-to/faq/arti ... ount-admin

Please QNAP, make a new release thats stop these bot attacks
User avatar
dolbyman
Guru
Posts: 35032
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Disabling the deault admin

Post by dolbyman »

Qnap does not come here .. you should know that

https://www.qnap.com/en/security-news/2 ... ce-attacks
To take steps to avoid being hacked, QNAP recommends that users do not expose their devices on public networks.
And if you ignore everything I say .. why even ask ?
Post Reply

Return to “NAS Management”