RESET Forums (homeservershow.com)
Al_Borges

Someone is trying to log onto my NAS!

Al_Borges

Hey forum members, need some help.

This evening, there have been continual attempts to remotely log onto my QNAP NAS, about every 15 seconds.

See the attached notification screenshot.

I have disabled the default admin account, and the real, obscure administrator account has a very secure password.

What should I do next? Should I be worried?

login log.jpg

nrf

Sure looks like someone is trying to brute-force their way in. Do you have a way to see if these are all coming from the same IP?

Jason

Do you have a UTM or firewall that you can block the IPs from which these attempts are originating?

Al_Borges

According to my router logs, each login appears to be coming in from a different IP.

I have "IP access protection" enabled on my QNAP, so if the same IP has three failed logins, that IP is blocked.

Overnight, I used parental controls to shut off internet access. Hopefully they have given up.

Edited by Al_Borges
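
An added example, not part of any poster's message and not QNAP code: it shows why a per-IP lockout after three failures never fires when every attempt arrives from a different address, and how counting distinct failing sources in a time window still flags the pattern. The log events, IP addresses (documentation ranges), window and thresholds other than the three-failure limit are constructed assumptions.

```python
from collections import Counter, deque
from datetime import datetime, timedelta

PER_IP_LIMIT = 3                  # "three failed logins" per IP, as in the post
WINDOW = timedelta(minutes=5)     # assumed look-back window
DISTINCT_IP_LIMIT = 10            # assumed: distinct failing sources per window

def make_events(start, count, interval_s, ips):
    """Constructed sample data: one failed login every interval_s seconds."""
    return [(start + timedelta(seconds=i * interval_s), ips[i % len(ips)])
            for i in range(count)]

def per_ip_blocked(events, limit=PER_IP_LIMIT):
    """IPs that reach the per-IP failure limit (simplified: no expiry window)."""
    counts = Counter(ip for _, ip in events)
    return {ip for ip, n in counts.items() if n >= limit}

def distributed_alerts(events, window=WINDOW, limit=DISTINCT_IP_LIMIT):
    """(timestamp, distinct_ips) each time >= limit sources failed within window."""
    recent, alerts = deque(), []
    for ts, ip in sorted(events):
        recent.append((ts, ip))
        while ts - recent[0][0] > window:   # drop failures older than the window
            recent.popleft()
        distinct = {seen_ip for _, seen_ip in recent}
        if len(distinct) >= limit:
            alerts.append((ts, len(distinct)))
    return alerts

START = datetime(2018, 1, 1, 20, 0, 0)  # constructed timestamp
# One attempt every 15 seconds, each from a different address (the thread's case).
ROTATING = make_events(START, 40, 15, [f"203.0.113.{i}" for i in range(1, 41)])
# Same rate, but a single source: the case per-IP blocking is built for.
SINGLE = make_events(START, 40, 15, ["198.51.100.7"])

if __name__ == "__main__":
    for name, events in (("rotating", ROTATING), ("single", SINGLE)):
        alerts = distributed_alerts(events)
        print(name, "per-IP blocks:", sorted(per_ip_blocked(events)),
              "| distributed alerts:", len(alerts),
              "| first:", alerts[0] if alerts else None)
```
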

oj88

Do you have your QNAP directly accessible from the internet (i.e. NAT, PAT, or assigned a public IP)?

If you need to access your NAS from the internet, better do it through VPN.

ShadowPeo

Probably not a person but a bot. Are you using standard QNAP ports or redirecting from something else? For example, although Synology uses 5000 and 5001, you can change that (I use 5500 and 5501), which confuses the bots a little. I also redirect to the NAS from a reverse proxy utilising ports 80 and 443 (the standard ports), and this seems to reduce the number of attacks aimed directly at the Synology infrastructure.

Also, geographical restrictions if you can: if no one outside your country, for example, should be using it, deny all and only allow your country's assigned IP address range access. If need be you can explicitly allow other ranges, but geographic restrictions can help.

oj88

From a consumer's perspective, blocking IP addresses based on geographic location is only partially effective and can even be detrimental in a number of cases. Because of the use of CDNs and other similar techniques, you could be inadvertently blocking your users' access to certain sites and/or services. Further, bot attacks can potentially come from any compromised system from whitelisted/allowed countries, which is typically what happens in the real world.

I think an "NG" (aka Layer-7, or application-aware) firewall + IDS/IPS will be more effective for these types of attacks.

ShadowPeo

Whilst I agree a Layer 7 appliance would work better, blocking based upon geographic location (and with this perhaps I was not being clear, I was meaning on the NAS device itself, which in Synology's case it can do) is something that can be done immediately and with minimal overhead, and is easy enough to implement and remove if need be.

Al_Borges
> Do you have your QNAP directly accessible from the internet (i.e. NAT, PAT, or assigned a public IP)?
>
> If you need to access your NAS from the internet, better do it through VPN.

I did have access into my NAS through the myqnapcloud interface. One of the first things I disabled. Didn't seem to have an effect.

I removed internet access through the parental controls feature of my router. After shutting off access overnight, the logins didn't come back after I connected back to the internet.

I run the "channels dvr" for my TV service, so it needs access to the web.
