Security setup to block host or activity

Q'center app, Helpdesk app
Post Reply
bgdem
Starting out
Posts: 11
Joined: Fri Dec 19, 2014 1:28 pm

Security setup to block host or activity

Post by bgdem »

Hello All,
I'm having an issue with some one constantly trying to get in as Admin user :oops: ,
admin user.jpg
its always a different host so I can't block it, I have Admin account disabled but what else I can do and stop this?
I need to keep NAS running, can't unplug it.

thank you for your input.
You do not have the required permissions to view the files attached to this post.
QNAP: TS-853 Pro
User avatar
dolbyman
Guru
Posts: 35024
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Security setup to block host or activity

Post by dolbyman »

remove port forwards from router to NAS and disable uPnP

if you need to access your NAS from WAN use a VPN server (best done on router or firewall appliance)
bgdem
Starting out
Posts: 11
Joined: Fri Dec 19, 2014 1:28 pm

Re: Security setup to block host or activity

Post by bgdem »

dolbyman wrote: Thu Jul 30, 2020 11:35 pm remove port forwards from router to NAS and disable uPnP

if you need to access your NAS from WAN use a VPN server (best done on router or firewall appliance)
I have multiple users accessing NAS with QSync, all other options can be turned off for now.

Just looked and uPnP is turned off on the router.
QNAP: TS-853 Pro
User avatar
dolbyman
Guru
Posts: 35024
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Security setup to block host or activity

Post by dolbyman »

if you expose your NAS and you are already under attack like this.. be prepared to get hacked (unless you have been already)

https://www.zdnet.com/article/cisa-says ... h-malware/

Only secure way for teleworker access is VPN, with all those people carelessly exposing their NAS (even more so all small businesses without real IT knowlage during covid) I think it's just a matter of time till the next new malware pops up (ransom money and crypto mining is just too lucrative for hackers to leave "on the table")
bgdem
Starting out
Posts: 11
Joined: Fri Dec 19, 2014 1:28 pm

Re: Security setup to block host or activity

Post by bgdem »

dolbyman wrote: Thu Jul 30, 2020 11:53 pm if you expose your NAS and you are already under attack like this.. be prepared to get hacked (unless you have been already)

https://www.zdnet.com/article/cisa-says ... h-malware/

Only secure way for teleworker access is VPN, with all those people carelessly exposing their NAS (even more so all small businesses without real IT knowlage during covid) I think it's just a matter of time till the next new malware pops up (ransom money and crypto mining is just too lucrative for hackers to leave "on the table")
thank you for the link, all scans came back clean.
for now web login disabled from outside and log is clean for now.

I'm expecting QSync, GDrive, DropBox clients use the same security level, but I might have high expectations.
QNAP: TS-853 Pro
User avatar
dolbyman
Guru
Posts: 35024
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Security setup to block host or activity

Post by dolbyman »

Qsync clients from external have to reach YOUR NAS from the internet, if you use dropbox or onedrive, users only need to reach the servers from dropbox or microsoft, not your NAS in your own network
User avatar
spile
Been there, done that
Posts: 638
Joined: Tue May 24, 2016 12:13 am

Re: Security setup to block host or activity

Post by spile »

dolbyman wrote: Fri Jul 31, 2020 3:32 am Qsync clients from external have to reach YOUR NAS from the internet, if you use dropbox or onedrive, users only need to reach the servers from dropbox or microsoft, not your NAS in your own network
Which is exactly the same as using MyQnapCloud Link with no port forwarding isn’t it? You are using a third parties servers.
User avatar
dolbyman
Guru
Posts: 35024
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Security setup to block host or activity

Post by dolbyman »

With that link service, the data is routed through QNAP servers (and you rely on QNAP to keep it secure and to respect your data privacy), it is certainly better than direct exposing your NAS though.

If you want to stay in control of your data and be secure.. a VPN is still your best option (and is free if you already have the needed hardware in place)
User avatar
spile
Been there, done that
Posts: 638
Joined: Tue May 24, 2016 12:13 am

Re: Security setup to block host or activity

Post by spile »

I read some posters advising users not to use MyQnapCloud without asking HOW they are using it. I would argue that without asking at least if they have uPnp enabled or not is rather jumping the gun.
User avatar
dolbyman
Guru
Posts: 35024
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Security setup to block host or activity

Post by dolbyman »

with all the incomming bruteforce attempts it's rather clear that your way was exposing the nas(with manual port forward or upnp), so not sure what that comment was about

*edit* .. oh you're not op .. got confused by random comment
User avatar
spile
Been there, done that
Posts: 638
Joined: Tue May 24, 2016 12:13 am

Re: Security setup to block host or activity

Post by spile »

Yes context is everything isn’t it. Hence “jumping the gun”.
User avatar
dolbyman
Guru
Posts: 35024
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Security setup to block host or activity

Post by dolbyman »

you random posted in here....so much for context

how is the usage of myqnap cloud important ?...op is exposing web login to wan ..why he does, doesnt matter..it matters that it is attacked
User avatar
spile
Been there, done that
Posts: 638
Joined: Tue May 24, 2016 12:13 am

Re: Security setup to block host or activity

Post by spile »

Why is how they are using MyQnapCloud important?
Because it can be used with or without open ports and therefore the appropriate response depends on that doesn’t it?
Perhaps you are saying that the op must have ports open in order for the screen shot in the first post to have happened?
User avatar
dolbyman
Guru
Posts: 35024
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: Security setup to block host or activity

Post by dolbyman »

screenshot is self explaining ..not sure why u are splitting hairs here
User avatar
spile
Been there, done that
Posts: 638
Joined: Tue May 24, 2016 12:13 am

Re: Security setup to block host or activity

Post by spile »

Splitting hairs was not my intention.
Post Reply

Return to “NAS Management”