Vulnerability. What should current xpen users do?



Hope that they can upgrade to the latest or a fixed version, but as the loader support is important, it is not such an easy task.

So best for Xpen users: don't allow DSM to be available from the Internet ;)


Anything exposed to the Internet will be at some risk. With my setup, I have:

- default admin disabled
- long passwords for user accounts I have created
- 2FA
- permanent IP blocking if 2 incorrect attempts within an hour and I review before unblocking
- SSL using Let's Encrypt
- custom ports for HTTPS and HTTP not available externally
- custom SSH port although this isn't allowed through the firewall anyway
- firewall on the Synology and router
- specific ports only allowed to Synology
- access to Synology from within the UK and no access from anywhere else

I also review my logs and have it set up to alert me to any new logins from new devices/locations.

Some of the above might be overkill but I feel that it will help in securing the Synology even if/when this vuln is patched. If anyone has any other recommendations, I'm all ears!

Edited by Amrit86
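The block rule and the new-login review from the post above, sketched as an added example that is not part of the original thread. The log format, the `review` function and the sample lines are constructed assumptions; this is not DSM's log format or its auto-block implementation.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (assumed format): ISO timestamp, source IP, user, result.
# Addresses are from the documentation ranges.
SAMPLE_LOG = """\
2024-01-10T08:00:00 203.0.113.7 alice FAIL
2024-01-10T08:40:00 203.0.113.7 alice FAIL
2024-01-10T09:00:00 198.51.100.4 bob FAIL
2024-01-10T10:30:00 198.51.100.4 bob FAIL
2024-01-10T10:45:00 192.0.2.10 alice OK
2024-01-10T12:00:00 192.0.2.10 alice OK
2024-01-10T12:05:00 192.0.2.99 alice OK
"""

MAX_FAILS = 2                  # "2 incorrect attempts"
WINDOW = timedelta(hours=1)    # "within an hour"

def review(log_text, known_sources):
    """Return (blocked_ips, new_login_alerts) for a login log."""
    blocked, alerts = set(), []
    fails = defaultdict(deque)  # per-IP timestamps of recent failures
    known = {user: set(ips) for user, ips in known_sources.items()}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue            # skip malformed lines
        ts, ip, user, result = parts
        if ip in blocked:
            continue            # permanent block: stays until manually reviewed
        when = datetime.fromisoformat(ts)
        if result == "FAIL":
            recent = fails[ip]
            recent.append(when)
            while when - recent[0] > WINDOW:
                recent.popleft()  # drop failures older than the window
            if len(recent) >= MAX_FAILS:
                blocked.add(ip)
        elif result == "OK" and ip not in known.setdefault(user, set()):
            alerts.append((ts, ip, user))  # login from a source not seen before
            known[user].add(ip)
    return blocked, alerts

if __name__ == "__main__":
    print(review(SAMPLE_LOG, {"alice": {"192.0.2.10"}}))
```

In the sample, the two failures 90 minutes apart do not trigger a block, while the two failures 40 minutes apart do.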