What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Securely Opening Ports 80, 443, 8080, 8081

M

Maverickster

Occasional Visitor
Alrighty, here's my situation (this may be more facts than you need, but thought I should give them all). I know *how* to do everything I'm describing here. I just need a little guidance as to how to do it *securely*.

I have a QNAP 259 Pro NAS sitting behind a Netgear WNDR3700 Router.

On my home network, the NAS acts as my file server, media server, backup device (the NAS itself is separately backed up), etc. for the various network devices on my home network. Works great.

I would like, however, for the NAS to be accessible from the Internet so that I can have access to my files and media from wherever I am. Specifically, I'd like to use the QNAP's Media Station, Web File Manager, and WebDav functions (to map my shares as drives in Win7). In addition, I may eventuatlly want it to act as my web server and mail server.

In order to do that, I need to use my DDNS account and open the captioned ports on my Router. If I do that, though, it seems that the only thing standing between the data on the NAS (which is all of the relevant data in my life, really) and the wild, wild interwebs is my password.

As indicated, I understand the mechanics of how to do all of this, but my question is, how do I do it securely so I'm not putting the data on my NAS "at risk" (or, at least, minimizing that risk as much as possible).

Any suggestions?
 
The only way I can see this being doable is to use a Reverse Proxy on a server that requires pre-authentication....

Or maybe port-knocking...

Either solution requires a server in front of the NAS... or depending on the NAS, if running a full Linux stack, maybe, and just maybe, it would be possible to do the above solutions.

Hope this helps!
 
Look @ http://www.tonido.com/

If you believe in port knocking, I think the libraries can be loaded into DDWRT firmware. DDWRT is available for the 3700 but I'm not sure how well it works just yet. Atheros has been a real challenge for the DDWRT developers.

Or consider VPN which is the most secure solution.
 
You must log in or register to reply here.

Similar threads

Jeje2
Recommendation on NAS for home use?
Replies
8
Views
769
sfx2000
sfx2000
D
Quiet NAS / home server
Replies
2
Views
2K
tgl
T
H
Solved SMB access to a NAS on a different subnet?
Replies
13
Views
1K
heddy
H
A
RT-AX88U Pro every one or two days is blocked.
2 3
Replies
40
Views
2K
atorcha
A
N
Connect two routers
Replies
8
Views
843
Nesalex
N

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 784 (members: 21, guests: 763)
Back
Top