Q'Center password brute force prevention

Q'center app, Helpdesk app
Post Reply
SimoneSolda
New here
Posts: 3
Joined: Tue Dec 01, 2020 4:34 pm

Q'Center password brute force prevention

Post by SimoneSolda »

I'm deploying a QCenter VM Appliance to monitor several offsite NAS.
The VM I'm using follows

FORMAT = hyperv
BUILD_DATE = 20210113
VERSION = 1.2.1

I also installed Q'Center Patch 1.11.1004
I've seen that I can test multiple passwords without any slowdown...
Is it possible to enable a prevention of brute force test of password?
I mean, something that delay the login if multiple failed password are being tested?
Or maybe record on /var/log failed attempts to feed a fail2ban or something like that.

Thank you.
P3R
Guru
Posts: 13190
Joined: Sat Dec 29, 2007 1:39 am
Location: Stockholm, Sweden (UTC+01:00)

Re: Q'Center password brute force prevention

Post by P3R »

I'm sorry but I don't know the answer to your question.

In my opinion management applications should be on a separated management network (VLAN) that only administrators have access to.
RAID have never ever been a replacement for backups. Without backups on a different system (preferably placed at another site), you will eventually lose data!

A non-RAID configuration (including RAID 0, which isn't really RAID) with a backup on a separate media protects your data far better than any RAID-volume without backup.

All data storage consists of both the primary storage and the backups. It's your money and your data, spend the storage budget wisely or pay with your data!
SimoneSolda
New here
Posts: 3
Joined: Tue Dec 01, 2020 4:34 pm

Re: Q'Center password brute force prevention

Post by SimoneSolda »

You are right but, if you manage many customer's NAS, it's nice to have a single dashboard to monitor NAS behind NAT.
User avatar
dolbyman
Guru
Posts: 35022
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Q'Center password brute force prevention

Post by dolbyman »

if you expose your custumers NAS via port forwards..have some money reserved for lawsuits ... because that is one (or more) waiting to happen
SimoneSolda
New here
Posts: 3
Joined: Tue Dec 01, 2020 4:34 pm

Re: Q'Center password brute force prevention

Post by SimoneSolda »

dolbyman wrote: Wed Mar 31, 2021 9:33 pm if you expose your custumers NAS via port forwards..have some money reserved for lawsuits ... because that is one (or more) waiting to happen
Maybe my explanation was flawed. Customer's NAS is inside their network. They are not exposed.
My Q'Center, instead, is published via port forward to be reachable.
"Connect to QCenter" connect to the public IP of QCenter, as per QNAP Documentation using port 443

CUST NAS ---> NAT ROUTER (with no direct access to the NAS) ---> INTERNET ---> QCENTER


But the login screen of QCenter doesn't have a brute-force prevention...

Maybe now it's more clear.
Post Reply

Return to “NAS Management”