mitzone, posted September 11 (#1): From what it seems, the entry point was through the PhotoStation app, which was exposed to the internet. The hacker enabled SSH, changed sshd_config to allow reverse tunnels and TCP/gateway forwarding, and added a key into authorized_keys. I'm still doing damage control; I just wanted to let you know that PhotoStation's security (which is no longer supported by Synology) is compromised. Cheers!
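The post above describes the persistence the attacker set up: sshd_config edited to permit TCP/gateway forwarding and tunnels, plus a foreign public key in authorized_keys. The script below is an added example, not code from the original poster or from Synology: it parses an sshd_config and an authorized_keys file the way a responder would during damage control, flags the forwarding directives that deviate from a hardened value, and fingerprints every key so unknown entries stand out. The config text and key lines are constructed samples (the key blobs are placeholder bytes, not real keys), and the OpenSSH defaults assumed when a directive is absent are taken from upstream OpenSSH, which a vendor build may change.

```python
"""Post-compromise audit of sshd_config and authorized_keys (added example;
not from the forum thread). Sample inputs below are constructed."""
import base64
import hashlib
import re

# Assumption: upstream OpenSSH defaults apply when a directive is not set.
DEFAULTS = {
    "allowtcpforwarding": "yes",
    "gatewayports": "no",
    "permittunnel": "no",
    "permitrootlogin": "prohibit-password",
}
# Values treated as hardened for each directive.
HARDENED = {
    "allowtcpforwarding": {"no"},
    "gatewayports": {"no"},
    "permittunnel": {"no"},
    "permitrootlogin": {"no"},
}
KEY_TYPES = {"ssh-ed25519", "ssh-rsa", "ssh-dss", "ecdsa-sha2-nistp256",
             "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}


def parse_sshd_config(text):
    """Return {directive_lowercase: value}. sshd uses the first occurrence of a
    directive, so later duplicates are ignored; parsing stops at the first
    Match block because everything after it is conditional."""
    effective = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"^(\w+)\s*=?\s*(.*)$", line)   # "Key value" or "Key=value"
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":
            break
        effective.setdefault(key, value)
    return effective


def audit_sshd_config(text):
    """List (directive, effective value, explicitly_set) for every forwarding or
    login directive whose effective value is not hardened."""
    cfg = parse_sshd_config(text)
    findings = []
    for key, ok in HARDENED.items():
        value = cfg.get(key, DEFAULTS[key]).lower()
        if value not in ok:
            findings.append((key, value, key in cfg))
    return findings


def parse_authorized_keys(text):
    """Return one dict per key line with type, SHA256 fingerprint (same form as
    ssh-keygen -lf), comment and leading options. Options containing spaces
    inside quotes would be split by this simple tokeniser."""
    keys = []
    for raw in text.splitlines():
        parts = raw.strip().split()
        if not parts or parts[0].startswith("#"):
            continue
        idx = next((i for i, tok in enumerate(parts) if tok in KEY_TYPES), None)
        if idx is None or idx + 1 >= len(parts):
            continue
        try:
            blob = base64.b64decode(parts[idx + 1], validate=True)
        except ValueError:
            continue
        fp = "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
        keys.append({"type": parts[idx], "fingerprint": fp,
                     "comment": " ".join(parts[idx + 2:]),
                     "options": " ".join(parts[:idx])})
    return keys


def unexpected_keys(keys, known_fingerprints):
    """Keys whose fingerprint is not in the owner's allowlist."""
    return [k for k in keys if k["fingerprint"] not in known_fingerprints]


# Constructed sample resembling the modified config described in the post.
SAMPLE_SSHD_CONFIG = """\
Port 22
PermitRootLogin no
#AllowTcpForwarding no
AllowTcpForwarding yes
GatewayPorts yes
PermitTunnel yes
Match User admin
    AllowTcpForwarding no
"""


def _fake_blob(label):
    # Placeholder key material so the line parses; NOT a real public key.
    return base64.b64encode(label.encode()).decode()


SAMPLE_AUTHORIZED_KEYS = "\n".join([
    "# constructed sample",
    f"ssh-ed25519 {_fake_blob('owner-laptop-key')} owner@laptop",
    f'no-pty,command="/bin/true" ssh-rsa {_fake_blob("unknown-key")} root@unknown',
])

if __name__ == "__main__":
    for directive, value, explicit in audit_sshd_config(SAMPLE_SSHD_CONFIG):
        print(f"{directive}={value} ({'set in file' if explicit else 'default'})")
    keys = parse_authorized_keys(SAMPLE_AUTHORIZED_KEYS)
    for k in unexpected_keys(keys, {keys[0]["fingerprint"]}):
        print("unexpected key:", k["type"], k["fingerprint"], k["comment"], k["options"])
```

On a real box, feed it the live files (`/etc/ssh/sshd_config` and each user's `~/.ssh/authorized_keys`, root included) and build the allowlist from fingerprints of keys you know you issued; anything else is evidence, so copy the files before cleaning them up.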
smileyworld, posted September 12 (#2): Why did you still use DSM 6 and Photo Station?
IG-88, posted September 16 (#3), edited September 16: On 9/12/2024 at 7:49 AM, smileyworld said: Why did you still use DSM 6 and Photo Station? Maybe the hardware does not support 7.x, or there are some older packages that do not run with 7.x. It's also often a case of not sinking time into it if it's not needed (don't fix things that aren't broken), as 6.2 is still under official support, including Photo Station, until the end of the month: https://www.synology.com/en-global/products/status/eol-dsm62
Trabalhador Anonimo, posted September 17 (#4): What is your DS model? On the Synology site there is an upgrade path to the latest DSM, model by model. If you have some problems there, give me the model and the DSM version (6.x) and I can post the path here.
mitzone (author), posted September 17 (#5): Thanks for your offer of help. I stayed on the latest 6.x for PhotoStation and for a couple of other apps I was running on it. I'm on the latest version with everything now. My initial post was mostly to let people know that I was stupid and that the latest PhotoStation version on DSM 6.x is vulnerable and there are active exploits for it in the wild.
Synology_Service, posted September 21 (#6): Best to have the NAS behind a good firewall. Also disable SSH if not in use. Use a firewall that has a second stage of access porting to your NAS and the SSH/TCP/UDP ports. Don't forget Synowedjat too. That's Synology's access backdoor to your NAS. That runs if updates are turned on.

Photo Station in general is a much better app than the new one. There are exploits out there, even for the new apps. That's why a good firewall is the best thing you can have. Nothing truly is foolproof in the world. It's a matter of time.

The latest DSM wasn't released due to exploits. It was only made due to the apps in DSM 6.2.4 and the licensing Synology had to pay for those with 3rd-party developers. That's why nothing beats DSM 6.2.4 and the apps that came with it. In fact a NAS on DSM 6.2.4 has more value than one on DSM 7.x, as it has the better licensing for the apps. The only problem that happened with the older DSMs is Synology decided not to support them anymore, for all the money they had to dish out for the apps to be developed for them. And they dropped any security updates along with it.

That's why when you install the new DSM and apps you will see where the cost cutting really happens. You get a lot less for sure. Only a new interface is about it. Surveillance Station was the main killer for Synology when this started, with the DSM updates coming like crazy when DSM 7 started. The memo on why was released about 2 years ago, but it clearly stated Synology didn't want to pay anymore for the licensing on those apps. Now with the newer DSMs come the limitations, and a lot less. To me, nothing beats 6.2.4. Maybe it's just me. That's why I would suggest a good firewall over anything else, even if you're on DSM 7.2.2, as it's only a matter of time.