QNAP NAS Hacked

As someone suggested in this thread, please install the last known stable version. If in doubt, please post the version you are keen on, and ask for advice.
 
M-DISC tech is completely different from normal optical media. But I trust nothing. That's why I store data on different devices, including NAS, internal HDD, external HDD, USB, Micro SD, SSD, cloud, something like that. I use external NVMEs instead of USB flash drives a lot. I only store family videos and photos on M-DISC, with triple backup. Absolutely, I store that same important data on HDDs too. I've seen a lot of people who lose their unrecoverable data. I even saw companies go bankrupt because they lost data, including accounting records. NAS duplication? I've seen people and companies that lost all of their data, or important data, with a NAS backup system. They go bankrupt in the real world. I'm still seeing them. I use NAS too. I use NAS duplication too. I also have experience of NAS HDDs dying very suddenly with Synology. One of the worst backup systems is NAS. It's worse than external HDDs. I think NAS is not a data storage system but a data streaming system.

M-DISC is optical storage, period. Nothing different from 'normal' optical storage, regardless of the marketing claims (who is going to fight the 1000 year average failure guarantee?).

A single NAS is not a backup of data. Properly done, it is a 'backup' of the mechanical drives that can fail.

A backup solution spans more than a single backup device/service. We both seem to understand that.
 
I don't trust 1000 years. Sure it's a marketing tactic. But M-DISC is different from normal optical media.
Normal optical media: burning and changing the structure of organic dyes to record with low power laser.
M-DISC: burning no organic layer like carving with high power laser.
There are a lot of test results about it. Me? I tested CD-R, CD-RW, DVD-R, DVD-RW, BD-R, BD-RE, M-DISC (BD-R, BDXL) with my dad years ago. He showed me how it worked. Only M-DISC survived.
 
So, obviously not being prepared to pay the thieves who hacked my NAS, and the restore instructions given to me by QNAP have not worked, I have accepted it is lost and therefore completely restored my QNAP NAS back to factory settings and set it back up from scratch. I have again attached an external 8TB hard drive to it and set the NAS to back up to it once a week. I have re-installed iTunes and tested everything is working, in that I am able to rip a CD from my PC onto iTunes and also QMusic Station, which sits on the NAS. I can also connect to it through the Sonos app that sits on my iPhone. All that remains is the very long job of ripping the remaining 1900 plus CDs.

My question now then is this. I have made sure that on my BT Hub router that my NAS is connected to, UPnP is turned off. On the NAS I have the Qfirewall and Security Counselor apps set up with Anti virus and Malware removal activated. I also have the password to get into the NAS set up using NordPass. I've been told to stop the hackers getting in again, to make sure my NAS is not connected to the internet. How do I do this and yet still have the ability to connect to it from my PC and my Sonos from my phone? Simple to follow instructions would be appreciated as I am just not very good at this.

One other thing I have noticed. Although I do not log into my NAS using admin, I have noticed if I turn off the read/write permissions for admin or disable admin, I cannot connect to the NAS or iTunes from my PC. Only when I turn the read/write permissions back on can I connect to it. Even though my log in user has read/write permissions ticked, it seems that my PC only recognises admin. I am very confused.

Once again thanks for all your advice and help.
 
I've been told to stop the hackers getting in again, to make sure my NAS is not connected to the internet. How do I do this and yet still have the ability to connect to it from my PC and my Sonos from my phone?
Go back and see the check list in post #19 :)
 
I have done all of that... UPnP and port forwarding on my router and NAS have been turned off, so has automatic updating. I have loaded the QNAP firewall and security anti-virus apps. I have added an 8TB external hard drive and set up the NAS to back up to it once a week. I have created a new user giving it a very strong password from NordPass and giving it all read/write access. I then disabled the admin user as this was advised and found when I did, I couldn't access the NAS, so I had to enable the admin user again.

I have set up iTunes again on my NAS and tested ripping a CD from my laptop to iTunes and pointing the library to where it sits on my NAS and it works a treat. I can see it on my laptop, my Sonos app on my iPhone can access it too. Also, when ripping a CD to iTunes it copies it to QMusic as well. So, all that is working fine. But I want to do all this without my NAS being connected to the internet so I can't be hacked again.

My laptop says my BT wireless network is 'Private network'. I'm guessing this isn't the same as a home or local network.

I have asked QNAP for step-by-step instructions on how I can achieve
 
If you have followed all those steps and are running 4.5.4.1892 or 5.0.0.1932 firmware, then that is all there is at the moment in terms of "protection", although I would prefer the term "mitigation".

There are no guarantees, because as you stated, you connected your NAS to your home network and thus the internet and seem to be running a number of apps, particularly ones that probably scrape information from a variety of sources.

I guess I am not seeing what you are really asking or where your confusion is, or what you expect to get from QNAP.

But, hopefully part of your "moving forward" strategy includes a more robust backup plan. If your automated backup simply syncs the contents for example, it would erase the newly ripped files with encrypted ones if you got "hit" again and didn't stop the backup process. At least 4 NAS vendors have been hit in recent weeks now so you need to have a backup and recovery plan that factors this in.
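The failure mode described in the post above (a sync-style backup replacing good copies with encrypted ones), as an added example that is not part of the original thread or any QNAP tool: each run writes a new generation instead of overwriting the last one, and the run is held when most previously backed-up files have changed or vanished. The function names, directory layout and the 50% threshold are assumptions.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def digest_tree(root: Path) -> dict:
    """Map each file's relative path to the SHA-256 of its contents."""
    return {str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}


def backup_generation(source: Path, dest: Path, max_changed: float = 0.5) -> str:
    """Copy source into a new numbered generation under dest.

    Returns "created:<name>", or "held" when more than max_changed of the
    files in the latest generation were altered or are missing in source.
    Older generations are never modified or deleted.
    """
    dest.mkdir(parents=True, exist_ok=True)
    gens = sorted(d for d in dest.iterdir() if d.is_dir())
    current = digest_tree(source)
    if gens:
        previous = digest_tree(gens[-1])
        altered = sum(1 for rel, h in previous.items() if current.get(rel) != h)
        if previous and altered / len(previous) > max_changed:
            return "held"  # leave every existing generation untouched
    name = f"gen-{len(gens) + 1:04d}"
    shutil.copytree(source, dest / name)
    return f"created:{name}"


def demo() -> list:
    """Constructed scenario: two normal runs, then a simulated mass rewrite."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "music"), Path(tmp, "backup")
        src.mkdir()
        for i in range(4):
            (src / f"track{i}.m4a").write_bytes(b"audio-%d" % i)
        results = [backup_generation(src, dst)]
        (src / "track4.m4a").write_bytes(b"audio-4")  # one newly ripped file
        results.append(backup_generation(src, dst))
        for p in list(src.iterdir()):                 # every file rewritten
            p.write_bytes(b"scrambled")
        results.append(backup_generation(src, dst))
        results.append(len(list(dst.iterdir())))      # generations kept
        return results


if __name__ == "__main__":
    print(demo())
```

A held run needs a person to look at the source before anything else is written; the earlier generations remain available for recovery.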
 
I guess I am not seeing what you are really asking or where your confusion is, or what you expect to get from QNAP.
His questions are:

1) How to keep the NAS in the local network without internet so that his appliances can see it?

If he has a BT home hub, this wouldn’t be easy. The OP can access the access control to see if that can be achieved. Denying may disable access everywhere. A third-party or an advanced firewall access might be required.

I have neither a BT router nor a NAS to check and tell the OP.

2) He isn’t seeing the NAS on the local network unless the default admin account. This is strange as he already has another account to administer it.

If he has a static IP, then his appliances can connect with that address, provided he configures each device to the NAS using that static IP via a (new) network connection. Windows has network discovery, which is good. Mac should have something equivalent.
 
When I set my NAS back up the log in default name for the NAS was some of the MAC number. I changed it to a new name and gave it a strong password using my NordPass password manager. Once in, I then added a new user (me) set up a strong password and gave it all permissions. In filestation I added iTunes. So far so good.

My NAS under its new name that I gave it appeared on my laptop. When I clicked on it, I could see the share1 folder I had created with iTunes on it. I then opened iTunes on my laptop and the skin was there but of course no music. In iTunes I then added the path to the library on my NAS. I then ripped a CD. It appeared on iTunes and when going into the NAS could see it appeared on the iTunes Music file and also appeared on QMusic Station. I then went onto the SONOS app on my phone and again added the pathway to the music file on my NAS, and sure enough the CD I had ripped appeared. So, apart from having another 1900 plus CDs to rip, everything seemed back to normal access wise.

But, because everything I read says for safety to disable the original admin account and use only the new user with a strong password, I went back into the users on my NAS and disabled it. However, in doing that when I went back to my laptop and clicked on the NAS it came up with a message saying the account is disabled. Then, if I tried to open iTunes it says the library cannot be found and to set one up again. Therefore, I have had to enable the original admin user again to access the NAS and the iTunes.

This is where my confusion lies. I have done everything concerning disabling UPnP and port forwarding on the NAS and my router and switching off auto updating, which means any updates will have to be downloaded from the QNAP website to my laptop on a regular basis and loaded from there. What I cannot get my head round is why when disabling the original admin user I cannot connect to my NAS or iTunes.

When running the QNAP security app I got a high risk message to say the default admin password had not been changed from the default password. I didn't do that originally because I set up a new admin (me) and was going to disable the default admin which as I said I can't do. I have also gone into users thinking that maybe if I can't disable it, then I can give the default admin user a new strong password, but there is no tab in the original admin user that allows the password to be changed, but there is in the new user (me) that I created. I have included some screen shots.

No doubt it is a simple set up mistake on my part and if this is the case I just need someone to point me in the right direction to correct it.

Many thanks
 

Attachments: NAS access from Laptop.jpg, No access to NAS.jpg, Password change.jpg
I don’t know if you had set up the admin account properly. You should add the account to the admin group. Please see this, this, this and follow.

If you haven’t joined the QNAP forum, please do join. Those guys will be able to offer extensive guidance with QNAP.
 