Safe to use NAS as internet facing webserver?

[ReD-BaRoN]

I know that many of the NASes have website software built into them. I'm somewhat worried about actually subjecting the NAS to being accessable on the Internet. What do you guys think? I would think it's a big security risk in doing so. Main Linux distros keep up with saftey patches, not sure NAS manufacturers will be as good at that.

Thoughts?

 

[fullroast]

The answer depends on what you are trying to do. I would not take a NAS out of the box and place it directly in on the internet with anything on it I wanted to protect.

Personally, I would [not] give internet access to any server that had data on it I did not want the general public to have access to. I have a NAS that I use at home for storing photos, music, and personal files. I would never make part of that NAS accessible on the internet. I don't want to add any additional risk to the content being accessed or compromised.

I have placed NAS devices and servers on the internet to share files, blogs, etc., and even set up "secure" areas for private sharing with family and friends. The NAS/server is always behind a firewall, filtering is from the firewall plus the NAS/server, and I try to limit the impact of any breach in security by making sure there is nothing on the NAS/server that is not backed up and is not too sensitive if someone should get unintended access to it.

 

[jrak]

I raised this question in March and you may want to take a look at this thread:

http://forums.smallnetbuilder.com/showthread.php?t=1387