deex wrote:
> >> From what I see on this forum last time they said "It's your fault if
> it's not secure"; all the passwords I have on the device are randomly generated
> and secure, the attackers are providing a solution to Terramaster (it's a lot of
> money, granted!) but we're still being left in the dark<<
>
> This is exact what i feel especally with posts of charlie crooker, not able to
> explain the correct format of IP Table inputs but blaming users for a security whole
> that is not made by them. If your company data is on the NAS you can't just testing
> arround with IP Formats, it might possible that you cut of all connections and are
> not gaining access again. I work a long time with Linux server and trust me you could
> do a lot of bad things with wrong ip table formats especially if you have no recovery
> access as backup .
>
>
> First of all to my previous statement.
>
> 1) I have two firewalls, in my cisqo switch and in the router, the nas was not
> exposed to the internet from the firewalls i also checked it with external requests
> to my public ip.. but well seems that it WAS possible
>
> 2) To the rude questions why i did not change the port.
> Because I DIDNT KNOW about the risk of the issue, i got NO Mail, No forced Firmware
> Upgrades, no info at all and i have work to do i havent the time to check every day
> the forums here (think about i would to this all my hardware)
>
> The only thing that brought me the issue to the attention was strong blinking NAS
> LEDs and i was on the way to check my nas whats going on
>
> A bit luck for me
>
> I installed the drives to my Windows PC, Installed KALI Linux via VMWARE,- Converted
> and mounted the RAID and finally found my backup Data intact. Whats not so good is
> that i needed to buy some Hardrives to merge my untouched data with my backup files.
>
> So as i rember right all that i had open was SAMBA.
>
>
> I had a real bad day.. but what makes me more sad is not what the hacker do... it is
> sad that all NAS Systems have these extreme bad security status. It is a shame..
1. To test what ports are exposed just go here and it will test
https://www.grc.com/x/ne.dll?rh1dkyd2 it will also test if you have a Upnp vulnerability. What make and model of Router and switch are you using, are they on latest firmware? I'm, confused that you have a switch with a firewall, I presume its a layer 3 switch, I have never heard of Cisqo so I presume you mean CISCO? Anyway read this
https://security.stackexchange.com/ques ... r-than-one
2. There were no rude questions get off your high horse and chill. If you read page one of this thread, you would see amongst the advice offered by TM was to change these ports. I was confused/bemused by your statement that "I had asked many times about configuring the firewall", when it was your second post on this whole forum. But I wasn't rude, I was wondering what you meant.
2. You don't need to mess around with IP tables. I posted a video about how to setup firewall rules. If I can do it, then I am sure you can.
3. If the only service you had running was SAMBA then it would appear that either TM expose ports through some nefarious means, or your network is vulnerable.