Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5

NAS vulnerability

#1
I have been thinking about adding a NAS to my home network for backups and Plex but after watching your video on Deadbolt I fear that getting attacked twice in one year shows that these devices are far too vulnerable to be useful.

Background:
I have a home network with PCs and Android and Roku devices. I am using Plex Server (running on my desktop) to access my thousands of music, photo and video files. I have been backing up all of our non-media data from PC to PC and also to a removable, external hard drive. I have been backing up all media to another removable, external hard drive.

I have been contemplating some sort of NAS to replace the external hard drive backup storage I’ve been using. Then my Tivo failed and I started using Plex as my DVR for over-the-air requiring me to leave my desktop on for many hours longer than I would like. I recently discovered your channel and through your excellent videos decided that either the Qnap TS-453E or TS-464 might be a good fit for me. Then I watched your video about the Deadbolt attacks happening twice in one year and I feel these NASes are way too vulnerable. Would you please comment?

Gary
Reply
#2
Yes, it might feel like NAS is not a safe option to expose to the internet. But truth is that the internet is full of guides on how to enable open ports on your router so you could easily access your computer or NAS server. This also includes NAS brands that recommend opening ports instead of using the private tunnel they themselves offer to connect. With open ports, it is faster to connect and transfer data since there is no need to route through a long way around it (safe way via proxy or VPN).
Once you open the ports, you need to prepare for the worst scenario. It is similar to leaving a nice car in a very dangerous part of the city. There will be someone trying to get in every single minute.
So you need a firewall, a good password, a unique username and account autoblock enabled. Also, all apps need to be regularly updated. Or even better - locked and inaccessible behind the firewall. Only necessary apps such as Plex would be allowed to communicate through the internet.
Synology with their Security advisor system automates lots of things to keep your NAS safe. But, I would access it only via Qnap Cloud link or Synology Quick connect to avoid hackers.
TS-464 is a very good choice. It is similar to DS920+ from Synology. This might be the last year they make Multimedia friendly NAS for home users. They try to profit from businesses instead.
Anything with Celeron inside will make a good fit for you. For local use, you could also use Realtek CPU, but it is limited to just few things running at one given time.

I hope this helps.


Thank you for your support, this keeps us going.
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)