Search the Community
Showing results for tags 'brute force'.
GeoIP Region Blocking using Synology Firewall I noticed internet performance issues today and was checking my router logs, I found excessive logs showing: Jun 18 20:55:48 dropbear: Child connection from <My Synology IP>:40894 Jun 18 20:55:49 dropbear: Exit before auth: Exited normally Jun 18 20:55:49 dropbear: Child connection from <My Synology IP>:40896 Jun 18 20:55:51 dropbear: Exit before auth: Exited normally I searched and found it was related to numerous invalid login attempts to the synology login page. This lead me to login to
Synology NAS systems are - along with QNAPs - currently the target of a wide brute-force attack. A botnet tries to break in via weak passwords and infects the system with ransomware. Once infected, it encrypts all files and data. This affects systems which are reachable over the internet (open firewall ports / NAT). To protect yourself you should - activate the DoS protection including account blocking - apply strong password rules to all users - create a new admin account with a strong password and disable the standard „admin“ account