lev400
-
Posts
6 -
Joined
-
Last visited
Posts posted by lev400
-
-
VPN I have been meaning to do but not had success with it so far, couldn't get it working. And yes you are right, VPN is the way to go if the situation suits it.
-
Thank god its not effecting DSM 5. At least this has caused be to review my security settings on my NAS's. I will get my last 4.3 box updated soon, for now I have removed web/https access from the internet.
Useless mate! But good choice.
My suggestion is to block 5000 5001 ports in your firewall/cancel port forwards.
It's enough that the system is pingable on the internet the exploit just gets root permissions for the attacker and everything is installed automatically.
I have set DSM to use non default ports for HTTPS web admin access and disabled unencrypted access. Also blocked port 80 as if you visit that with it not blocked it will just re-direct the user to the web admin page with the hidden port. Of course the port is not that hidden and can just be port scanned but changing things from non-default ports is always a good step.
I have a few DSM systems in datacenters that use internet facing IP so I cant block them in firewall. I am just using the DSM inbuilt firewall. Only services I need are allowed thru the firewall.
-
Thank god its not effecting DSM 5. At least this has caused be to review my security settings on my NAS's. I will get my last 4.3 box updated soon, for now I have removed web/https access from the internet.
-
-
New ransomware that is effecting Synology DSM NAS's Have a Synology NAS? Is it accessible to the internet? If it is, You might want to take it offline for a while. Synolocker is a 0-day ransomware that once installed, will encrypt all of the NAS's files and hold them for ransom just like Cryptolocker does for windows PC's. The Virus is currently exploiting an unknown vulnerability to spread. Synology is investagating the issue.
We'd like to give you an update regarding SynoLocker, a randsomware affecting certain Synology servers. When trying to access DSM, it displays the message below, in addition to instructions for paying a fee to unlock your data:"All important files on this NAS have been encrypted using strong crypotgraphy"
What should you do?
If you are seeing this message when trying to login to DSM, please:
1-power off your DiskStation immediately to avoid more files being encrypted
2-contact our Support team so we can investigate further
Source:
More Info on Forums
Experiences with drive crash?
in Archives
Posted
Have been runing a HP Microserver with Xpenology 4 on it for about a year, nice and stable, no problems. Now upgraded (fresh install) to NanoBoot DSM 5. Have a few Microservers running DSM and a few VM's. Stable and very nice NAS OS!