jensmander

Depends on your DSM version. If your DSM is < 6.2 then you’ll have to modify your system as described in here:

Nonsense thread. Will be closed.

This can happen when you manually reload the web page after the first reboot. This will skip the initial setup. In short words: try again.

Multiple vulnerabilities allow remote attackers to conduct denial-of-service attack or execute arbitrary code via a susceptible version of Synology DiskStation Manager (DSM), Synology Router Manager (SRM), VPN Plus Server or VPN Server. More information: https://www.synology.com/en-us/security/advisory/Synology_SA_21_24

The question(s) in this topic have been answered and/or the topic author has resolved their issue. This topic is now closed. If you have other questions, please open a new topic.

DSM updates usually update some software packages/apps. So it‘s always a good idea to keep every rig on the same update level.

Self-signed certificates are only accepted without warnings if they are imported in the device‘s trusted certificate storage/pool as root certfication authority.

Synology PSIRT (Product Security Incident Response Team) has recently seen and received reports on an increase in brute-force attacks against Synology devices. Synology's security researchers believe the botnet is primarily driven by a malware family called "StealthWorker." At present, Synology PSIRT has seen no indication of the malware exploiting any software vulnerabilities. More information and security advises: https://www.synology.com/en-global/company/news/article/BruteForce/Synology® Investigates Ongoing Brute-Force Attacks From Botnet

DSM 6.1 doesn’t have the ACMEv2. Take a look in this howto:

https://xpenology.org/contact/ That‘s the best place for questions about your problem, not this forum.

This forum has nothing to do with the site „xpenology.org“. It‘s a different domain.

It‘s not only related to HDDs but to all electronic components. The shortage of various small components and parts affects every industry. Classic hardware, network equipment, displays, cameras, drives, servos, … - guess where you can find electronic components today. Simple example: standard Dell 24“ display. Bought 12 of them in 09/2020 for 119€ each. Price today: 290€. Standard industry drive: price in 11/2020: 750€. Today: 1,600€. And beside the price spiral delivery times (especially in the industrial sector) have gone sky-high ☹️

In Anbetracht der Tatsache, dass (meiner Meinung nach) das Projekt bald tot ist (sobald DSM 7.0 released wird), würde ich eher in eine echte Box investieren. Halbwegs vernünftige Racks mit Backplane, passender Höhe für Lüfter, Rails, etc. kosten schon ein paar €uronen. Zzgl. Board/CPU/RAM/HDDs, da ist man nicht weit weg von einer Originalbox. Natürlich ist die Performance bei Eigenbau wesentlich höher. Mir ist Xpenology mittlerweile zu unsicher und ich betreibe das nur noch als „laufen lassen und nicht mehr anfassen“-System.

Usually breaches from different devices occur only if they‘re exposed to the internet (NAT). Otherwise most routers/firewalls are only traversal in one traffic direction, from inside your lan to outside. Of course there‘re other attack vectors. Compromised cloud services or update servers for IoT stuff, router firmware bugs, etc. I can only guess but I think in your case it seems that your son(?) infected his PC with whatever evil stuff (remote shell, trojan, …). If you‘re lucky and he really completely wiped his system then you should be safe (again) but you never can be sure. Maybe it‘s a good time to think about using a real firewall like pfsense/opnsense or anything similar behind your soho router and diverting your network into VLANs with restricted access (if your switching hardware supports this). Put your 21 years old‘ PC into a separate VLAN and deny any access to your network except internet access. Most breaches occur from the inside when users with or even without full privileges can do what they want and click on every sh*t (mail attachments, obscure links, etc.). I think nobody can give you the ultimate advise in this case. To be absolutely sure then you should run malware checks on every system and change your passwords. Wiping systems and changing every password is the ultimate solution but that’s up to you. Just my 2 cents

It‘s not the username AND password in combination but only the password itself which has been leaked. Even generated passwords can be found in those databases.