1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

NAS and router security concerns

Discussion in 'QNAP' started by Kashif Tasneem, Feb 24, 2020.

  1. Kashif Tasneem

    Kashif Tasneem Occasional Visitor

    Joined:
    Jan 17, 2020
    Messages:
    29
    Hi. My NAS is Qnap TS-451+ and my router is Asus GT AX-11000.

    Yesterday I was trying to setup a DDNS on my NAS and opened some ports and enabled UPnP on my router. When I logged into my NAS today, I saw hundreds of failed login attempts from remote IPs. I searched and found out it’s due to open ports and UPnP. I disabled both of them immediately.

    Now my concern is that how do I make sure that neither of my connected devices to the router are effected?

    My NAS have logs disabled for SMB and AFP logins. Can these protocols be accessed remotely?

    Is there anyway to make sure that everything is okay?
     
  2. dosborne

    dosborne Senior Member

    Joined:
    May 11, 2019
    Messages:
    486
    Location:
    /dev/null
    The NAS would have opened up a single port only and the router would only have exposed the NAS via this port. Assuming you have recent firmware on the NAS and have a halfway decent password, then you don't need to panic. As long as the NAS was not breached, the other devices on your network were not vulnerable.
     
    Kashif Tasneem likes this.
  3. Kashif Tasneem

    Kashif Tasneem Occasional Visitor

    Joined:
    Jan 17, 2020
    Messages:
    29
    Thank you.
     
  4. sentinelvdx

    sentinelvdx Very Senior Member

    Joined:
    Sep 23, 2014
    Messages:
    570
    Location:
    Buenos Aires - Argentina
    I have a similar scenario. What I would suggest I been on top of:
    -Having always latest firmware and apps. updated.
    -Having strong password.
    -Using two factor authentication
    -Disabling admin account and creating and account with different username

    My case I was having lots of brute force attemps from Rusia and China. I solved it by using skynet firewall and rmerlin firmware on my RT-AC88U.
    the downside for you is that RMerlin does not support GT series.
    But it's common these days bots will try brute force to any device exposed to internet

    Sent from my SM-G965F using Tapatalk
     
    Kashif Tasneem likes this.
  5. Kashif Tasneem

    Kashif Tasneem Occasional Visitor

    Joined:
    Jan 17, 2020
    Messages:
    29
    Thank you.