jukolaut Posted March 11, 2013 Share #1 Posted March 11, 2013 While looking at the kernel sources and the os image contents I've come up with these "issues": 1. The kernel could use the gpio pins in the southbridge for controlling the hardware (leds, buzzers, fans) with the serial ports. If your motherboard is not the same as in the original synology box (very unlikely) they could be used something important. Most likely not but if your motherboard catches fire, this is the likely culprit 2. The operating system will contact synology's servers in many places, at least in every boot. If you're paranoid about this, I would consider running behind a firewall. So nothing major here, but at least you know now. Link to comment Share on other sites More sharing options...
Tuatara Posted March 14, 2013 Share #2 Posted March 14, 2013 To satisfy the paranoid: would you be able to extract/list the servers which are contacted? It would (should?) then be a simple matter to create a hosts file which prevents any "unexpected" contact from occurring. Link to comment Share on other sites More sharing options...
XoN Posted March 14, 2013 Share #3 Posted March 14, 2013 It's easy, just take some tcpdump captures; in the first 5 minutes connected to these IP addresses: 59.124.41.250 59.124.41.245 91.121.40.14 188.92.232.154 Just use nslookup to get domain names and add it to the hosts file as Tuatara said. On the bad side, you will not able to update packages Link to comment Share on other sites More sharing options...
Tuatara Posted March 14, 2013 Share #4 Posted March 14, 2013 It's easy, just take some tcpdump captures; in the first 5 minutes connected to these IP addresses: Disclaimer: I have yet to install XPEnology, (hence the question), but I will do so shortly. (ESXi) Just use nslookup to get domain names and add it to the hosts file as Tuatara said. The problem with a tcpdump/firewall capture is that this does not provide the original DNS lookup performed, as the IPs themselves (as you provided) don't have rDNS entries for nslookup (except one). 59.124.41.250 - 250.41.124.59.in-addr.arpa name = 59-124-41-250.HINET-IP.hinet.net. 59.124.41.245 - 245.41.124.59.in-addr.arpa name = 59-124-41-245.HINET-IP.hinet.net. 91.121.40.14 - 14.40.121.91.in-addr.arpa name = 91-121-40-14.ovh.net. 188.92.232.154 - 154.232.92.188.in-addr.arpa name = ukdl.synology.com. The lookups could be going to round-robin servers or be handled by any of a number of methods - which is probably why the IPs have no rDNS entries. It would be best to know the DNS lookup which has been placed in the source code itself, as opposed to just viewing the output. But if that's not possible (i.e. it's all binary blobs), then WireShark will be the next step. On the bad side, you will not able to update packages True ... but unless you now register the XPEnology box in the MyDS Center with a (real/fake/duplicated) Serial Number, using the automatic download/update will not be available - so this is probably not a "recommended" option either. As I use Synology products daily for my work - my benefits from XPEnology would be personal, and for virtual deployment & infrastructure testing (scale, loading, size, etc.) before purchasing and installing actual Synology hardware. Again ... it all depends on how paranoid you are. Link to comment Share on other sites More sharing options...
Recommended Posts