Unknown Thread kthreaddnai

Don't miss a thing. Post your questions and discussion about other uncategorized NAS features here.
dolbyman
Guru
Posts: 11008
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Unknown Thread kthreaddnai

Post by dolbyman » Sat Dec 01, 2018 3:58 am


deakgyuri
New here
Posts: 4
Joined: Sun Feb 18, 2018 5:03 pm

Re: Unknown Thread kthreaddnai

Post by deakgyuri » Mon Dec 03, 2018 8:43 pm

I have got same infection. Malware found nothing

After restart the process did not started just after few hours.

So I have
- updated to latest firmware
- deleted the files from web directory
- changed every possible password ( admin, phpmyadmin, vpn, etc.. )
- on router which is before the NAS made few rules like incoming traffic dropped automatically expected from few known IP but port 80 it is open ( unfortunately have to leave open )

At the moment I cannot seen this process 4 days now.

I hope I could help...

Vaiolo
Starting out
Posts: 11
Joined: Sun Aug 03, 2014 9:37 am

Re: Unknown Thread kthreaddnai

Post by Vaiolo » Fri Dec 07, 2018 1:47 am

No idea if its the same sh**t.

But mine removed malware remover...

Third QNAP wipe in 6 months.
My configuration was just:

QPVN (openvpn)
the web page unter https in a non standard port.
Official MLDONKEY (not externally mapped)
Cloudlink
No UPNP

So the only mapped ports were the HTTPS for web and OPNVPN.

Just unacceptable

dolbyman
Guru
Posts: 11008
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Unknown Thread kthreaddnai

Post by dolbyman » Fri Dec 07, 2018 1:52 am

probably the exposed weblogin

why expose that if you already have openVPN in place ?

Vaiolo
Starting out
Posts: 11
Joined: Sun Aug 03, 2014 9:37 am

Re: Unknown Thread kthreaddnai

Post by Vaiolo » Fri Dec 07, 2018 2:32 am

Why a exposed weblogin is considered normal?

dolbyman
Guru
Posts: 11008
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Unknown Thread kthreaddnai

Post by dolbyman » Fri Dec 07, 2018 2:42 am

No as there is constant security advisories about exploits in the QNAP web server (last week they fixed several and announced it via advisory)

As you can see QNAP's implementation is not hardened enough for WWW exposure.

Also https doesn't help a to prevent this(only helps against credential sniffing,MITM attacks and maybe slowing down DDOS attempts due to handshake negotiations)

Vaiolo
Starting out
Posts: 11
Joined: Sun Aug 03, 2014 9:37 am

Re: Unknown Thread kthreaddnai

Post by Vaiolo » Fri Dec 07, 2018 5:16 am

As a client of QNAP i still consider this unacceptable.

dolbyman
Guru
Posts: 11008
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Unknown Thread kthreaddnai

Post by dolbyman » Fri Dec 07, 2018 5:29 am

Let them now .. we are only users and QNAP does not read in this forum

Post Reply

Return to “Miscellaneous”