Unless your NAS has a new virtual network that accesses the multiverse those log-ins ARE from people/bots/apps at those IPs that literally logged into your device, whether directly or through a vulnerability it does not matter, they did, your NAS was exposed and was not properly secured at that time. If you can not get past that fact NO ONE here can help you further.buiz_ wrote: ↑Fri Apr 30, 2021 9:10 pm Those threads and the other posts in this thread deal with the many vulnerabilities of QTS. I get that. I got that before I started this thread. I know what I'm dealing with and I take the risks I want to take and that I find acceptable in relation to the importance of what I have on my NAS. I'm not a n00b throwing my vital data in the hands of hackers without caution or backup.
So if we can put that aside along with the dripping sarcasm then what I'm still looking for is an actual answer to my actual question. How can users that don't exist on my NAS show up as having successfully logged on my NAS? I showed a screenshot that also shows that those users did not actually seem to use/access any resources on my NAS. Compromized or not, I would assume that for a user called "Alex" to successfully log on to my NAS, that user should actually be existing on my NAS, yet that seems to not be the case. Anyone has some insights to this? And to be clear, I'm now looking for something more insightful than "your NAS is compromised, wipe it".
I repeat
There is a principle which is a bar against all information, which is proof against all argument, and which cannot fail to keep man in everlasting ignorance. That principle is condemnation before investigation.
—Edmund Spencer