Security setup to block host or activity
-
- Starting out
- Posts: 11
- Joined: Fri Dec 19, 2014 1:28 pm
Security setup to block host or activity
Hello All,
I'm having an issue with some one constantly trying to get in as Admin user , its always a different host so I can't block it, I have Admin account disabled but what else I can do and stop this?
I need to keep NAS running, can't unplug it.
thank you for your input.
I'm having an issue with some one constantly trying to get in as Admin user , its always a different host so I can't block it, I have Admin account disabled but what else I can do and stop this?
I need to keep NAS running, can't unplug it.
thank you for your input.
You do not have the required permissions to view the files attached to this post.
QNAP: TS-853 Pro
- dolbyman
- Guru
- Posts: 35268
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: Security setup to block host or activity
remove port forwards from router to NAS and disable uPnP
if you need to access your NAS from WAN use a VPN server (best done on router or firewall appliance)
if you need to access your NAS from WAN use a VPN server (best done on router or firewall appliance)
-
- Starting out
- Posts: 11
- Joined: Fri Dec 19, 2014 1:28 pm
Re: Security setup to block host or activity
I have multiple users accessing NAS with QSync, all other options can be turned off for now.
Just looked and uPnP is turned off on the router.
QNAP: TS-853 Pro
- dolbyman
- Guru
- Posts: 35268
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: Security setup to block host or activity
if you expose your NAS and you are already under attack like this.. be prepared to get hacked (unless you have been already)
https://www.zdnet.com/article/cisa-says ... h-malware/
Only secure way for teleworker access is VPN, with all those people carelessly exposing their NAS (even more so all small businesses without real IT knowlage during covid) I think it's just a matter of time till the next new malware pops up (ransom money and crypto mining is just too lucrative for hackers to leave "on the table")
https://www.zdnet.com/article/cisa-says ... h-malware/
Only secure way for teleworker access is VPN, with all those people carelessly exposing their NAS (even more so all small businesses without real IT knowlage during covid) I think it's just a matter of time till the next new malware pops up (ransom money and crypto mining is just too lucrative for hackers to leave "on the table")
-
- Starting out
- Posts: 11
- Joined: Fri Dec 19, 2014 1:28 pm
Re: Security setup to block host or activity
thank you for the link, all scans came back clean.dolbyman wrote: ↑Thu Jul 30, 2020 11:53 pm if you expose your NAS and you are already under attack like this.. be prepared to get hacked (unless you have been already)
https://www.zdnet.com/article/cisa-says ... h-malware/
Only secure way for teleworker access is VPN, with all those people carelessly exposing their NAS (even more so all small businesses without real IT knowlage during covid) I think it's just a matter of time till the next new malware pops up (ransom money and crypto mining is just too lucrative for hackers to leave "on the table")
for now web login disabled from outside and log is clean for now.
I'm expecting QSync, GDrive, DropBox clients use the same security level, but I might have high expectations.
QNAP: TS-853 Pro
- dolbyman
- Guru
- Posts: 35268
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: Security setup to block host or activity
Qsync clients from external have to reach YOUR NAS from the internet, if you use dropbox or onedrive, users only need to reach the servers from dropbox or microsoft, not your NAS in your own network
- spile
- Been there, done that
- Posts: 641
- Joined: Tue May 24, 2016 12:13 am
Re: Security setup to block host or activity
Which is exactly the same as using MyQnapCloud Link with no port forwarding isn’t it? You are using a third parties servers.
- dolbyman
- Guru
- Posts: 35268
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: Security setup to block host or activity
With that link service, the data is routed through QNAP servers (and you rely on QNAP to keep it secure and to respect your data privacy), it is certainly better than direct exposing your NAS though.
If you want to stay in control of your data and be secure.. a VPN is still your best option (and is free if you already have the needed hardware in place)
If you want to stay in control of your data and be secure.. a VPN is still your best option (and is free if you already have the needed hardware in place)
- spile
- Been there, done that
- Posts: 641
- Joined: Tue May 24, 2016 12:13 am
Re: Security setup to block host or activity
I read some posters advising users not to use MyQnapCloud without asking HOW they are using it. I would argue that without asking at least if they have uPnp enabled or not is rather jumping the gun.
- dolbyman
- Guru
- Posts: 35268
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: Security setup to block host or activity
with all the incomming bruteforce attempts it's rather clear that your way was exposing the nas(with manual port forward or upnp), so not sure what that comment was about
*edit* .. oh you're not op .. got confused by random comment
*edit* .. oh you're not op .. got confused by random comment
- spile
- Been there, done that
- Posts: 641
- Joined: Tue May 24, 2016 12:13 am
Re: Security setup to block host or activity
Yes context is everything isn’t it. Hence “jumping the gun”.
- dolbyman
- Guru
- Posts: 35268
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: Security setup to block host or activity
you random posted in here....so much for context
how is the usage of myqnap cloud important ?...op is exposing web login to wan ..why he does, doesnt matter..it matters that it is attacked
how is the usage of myqnap cloud important ?...op is exposing web login to wan ..why he does, doesnt matter..it matters that it is attacked
- spile
- Been there, done that
- Posts: 641
- Joined: Tue May 24, 2016 12:13 am
Re: Security setup to block host or activity
Why is how they are using MyQnapCloud important?
Because it can be used with or without open ports and therefore the appropriate response depends on that doesn’t it?
Perhaps you are saying that the op must have ports open in order for the screen shot in the first post to have happened?
Because it can be used with or without open ports and therefore the appropriate response depends on that doesn’t it?
Perhaps you are saying that the op must have ports open in order for the screen shot in the first post to have happened?
- dolbyman
- Guru
- Posts: 35268
- Joined: Sat Feb 12, 2011 2:11 am
- Location: Vancouver BC , Canada
Re: Security setup to block host or activity
screenshot is self explaining ..not sure why u are splitting hairs here
- spile
- Been there, done that
- Posts: 641
- Joined: Tue May 24, 2016 12:13 am
Re: Security setup to block host or activity
Splitting hairs was not my intention.