Philhawk Posted February 1, 2021 Share #1 Posted February 1, 2021 Hi, I recently read an article online, which said that DDNS is a major security risk to the LAN, especially with DSM 6.1 ... Is this true/ is there something I can do to make it safer (Upgrade to DSM 6.2 does not work)? Thanks for your help. Link to comment Share on other sites More sharing options...
0 test4321 Posted February 1, 2021 Share #2 Posted February 1, 2021 7 minutes ago, Philhawk said: Hi, I recently read an article online, which said that DDNS is a major security risk to the LAN, especially with DSM 6.1 ... Is this true/ is there something I can do to make it safer (Upgrade to DSM 6.2 does not work)? Thanks for your help. If you are running un-patched version and you allow DDNS through your Firewall and hackers own your machine - they can possibly own other machines on the network. Your role is to limit the surface of attack: - limit countries that can connect - limit IP's that can connect - set timing on firewall open / close ports (pfsense can open / close ports by schedule) - set ports that are not standard for synology (not 5000 / 5001) - set IP blocking for brute-force attacks (limit how many failed logins can happen from 1 ip address) - put your Synology on a separate from network VLAN The smaller the surface of the attack the better your chances are to stay safe. Definitely upgrade your Xpe if you are a few versions behind. 1 Link to comment Share on other sites More sharing options...
0 Philhawk Posted February 1, 2021 Author Share #3 Posted February 1, 2021 tahanks for your answer 1 Link to comment Share on other sites More sharing options...
0 Polanskiman Posted October 12, 2022 Share #4 Posted October 12, 2022 The question(s) in this topic have been answered and/or the topic author has resolved their issue. This topic is now closed. If you have other questions, please open a new topic. Link to comment Share on other sites More sharing options...
Question
Philhawk
Hi,
I recently read an article online, which said that DDNS is a major security risk to the LAN, especially with DSM 6.1 ...
Is this true/ is there something I can do to make it safer (Upgrade to DSM 6.2 does not work)?
Thanks for your help.
Link to comment
Share on other sites
3 answers to this question
Recommended Posts