derekzeanah wrote: ↑Sun Jan 09, 2022 1:06 am
Is there something else to check to confirm it's just bad timing here?
Wondering the same. I support IT for small businesses and manage 8 QNAP NAS units at various locations. Yesterday (Jan 8th), 4 of them went offline. Trying to connect via a browser issued a redirect and would timeout. Rebooting brought them all back online. I have gone thru and updated all firmware and apps and have run the Security Counselor. One of the 4 was connected to myQNAPCloud, the rest were not. None were directly exposed thru open ports or have UPnP enabled. I have now disconnected that 1 unit from myQNAPCloud and will only manage these from behind their firewalls. Not sure what else I can do.
To say I'm spooked is an understatement. QNAP did not reply to my service request. Anyone else have an idea of what's going on?
when i'm in doubt i'll check the status of my hdds, wipe them, reflash qts firmware, and make sure nas is not exposed to the internet. and during all this i have a backup ready just in case whatever happens.
managing qnaps at various locations... how r u doing that? are u using a vpn?
NAS [Main Server]QNAP TS-877 (QTS) w. 4tb [ 3x HGST Deskstar NAS & 1x WD RED NAS ] EXT4 Raid5 & 2 x m.2 SATA Samsung 850 Evo raid1 +16gb ddr4 Crucial+ QWA-AC2600 wireless+QXP PCIE [Backup] QNAP TS-653A (Truenas Core) w. 4x 2TB Samsung F3 (HD203WI) RaidZ1 ZFS + 8gb ddr3 Crucial [^] QNAP TL-D400S 2x 4TB WD Red Nas (WD40EFRX) 2x 4TB Seagate Ironwolf, Raid5 [^] QNAP TS-509 Pro w. 4x 1TB WD RE3 (WD1002FBYS) EXT4 Raid5 [^] QNAP TS-253D (Truenas Scale) [Mobile NAS] TBS-453DX w. 2x Crucial MX500 500gb EXT4 raid1
Either VPN into the router or remote into a workstation behind the firewall and then connect via HTTP from inside the network. NAS isn’t exposed and no open ports on the router. Looks like a ton of reports of QNAPs all over going offline since Friday. Hope the cause is found soon.
well if ur using vpn on routerside, and u update your router n other devices regularly, then not sure y its like that :/
the only recent news i heard was qvpn had some vulnerability (u probly want to uninstall that). probly disable that and just use ur vpn on router only.
myqnapcloud if u dont need it, disable it. helpdesk also disable it when not actively using when requiring assistance from qnap for remote assistance.
NAS [Main Server]QNAP TS-877 (QTS) w. 4tb [ 3x HGST Deskstar NAS & 1x WD RED NAS ] EXT4 Raid5 & 2 x m.2 SATA Samsung 850 Evo raid1 +16gb ddr4 Crucial+ QWA-AC2600 wireless+QXP PCIE [Backup] QNAP TS-653A (Truenas Core) w. 4x 2TB Samsung F3 (HD203WI) RaidZ1 ZFS + 8gb ddr3 Crucial [^] QNAP TL-D400S 2x 4TB WD Red Nas (WD40EFRX) 2x 4TB Seagate Ironwolf, Raid5 [^] QNAP TS-509 Pro w. 4x 1TB WD RE3 (WD1002FBYS) EXT4 Raid5 [^] QNAP TS-253D (Truenas Scale) [Mobile NAS] TBS-453DX w. 2x Crucial MX500 500gb EXT4 raid1
GravStorm wrote: ↑Mon Jan 10, 2022 10:23 am
To say I'm spooked is an understatement. QNAP did not reply to my service request. Anyone else have an idea of what's going on?
No but there is nothing that suggest this is a security/intrution issue. It sound much more like a bug when multiple non-exposed systems go unresponsive at night.
RAID have never ever been a replacement for backups. Without backups on a different system (preferably placed at another site), you will eventually lose data!
A non-RAID configuration (including RAID 0, which isn't really RAID) with a backup on a separate media protects your data far better than any RAID-volume without backup.
All data storage consists of both the primary storage and the backups. It's your money and your data, spend the storage budget wisely or pay with your data!
That's good news, hopefully QNAP issues a formal cause soon. With the security alert they sent out the day before and the recent ransomware attacks, I guess I'm on edge.
Moogle Stiltzkin wrote:when i'm in doubt i'll check the status of my hdds, wipe them, reflash qts firmware, and make sure nas is not exposed to the internet. and during all this i have a backup ready just in case whatever happens.
managing qnaps at various locations... how r u doing that? are u using a vpn?
I have switched to using TeamViewer to remote connect to my NASs. No port forwarding, direct access to the website, and all seems to be working fine.
AlastairStevenson wrote: ↑Tue Jan 11, 2022 12:48 am
No date, no version or build info.
That's not the way to issue such an announcement!
I agree of course but unfortunately that is the least of the problems with Qnap right now...
RAID have never ever been a replacement for backups. Without backups on a different system (preferably placed at another site), you will eventually lose data!
A non-RAID configuration (including RAID 0, which isn't really RAID) with a backup on a separate media protects your data far better than any RAID-volume without backup.
All data storage consists of both the primary storage and the backups. It's your money and your data, spend the storage budget wisely or pay with your data!
Osborne wrote: ↑Tue Jan 11, 2022 1:22 am
My NAS files were encrypted by the ransomware..( "fortunately" this ransomware is unable to encrypt .mkv, wav, flac and DSD files)
It's not a limitation of the malware, but why spend valuable encryption time on pirated movies or re-downloadable audio? .. it was deliberately programmed to skip these files
Osborne wrote: ↑Tue Jan 11, 2022 1:22 am
My NAS files were encrypted by the ransomware..( "fortunately" this ransomware is unable to encrypt .mkv, wav, flac and DSD files)
It's not a limitation of the malware, but why spend valuable encryption time on pirated movies or re-downloadable audio? .. it was deliberately programmed to skip these files
Maybe Qnap will next recommend we rename all our files to .mkv wav and flac, that way they will be safe from ransomware