This week there have been numerous brute force attacks reported against qnap and Synology products. One of my TOS servers was also attempted to be probed but my network firewall blocked it.
Synology has advised their users to take several actions in defense. The first was to change passwords and use strong passwords.
Next they advised deleting the default "admin" account and creating a different account in the admin group.
I know that I can create a different admin user, but is it possible in TOS to have a different password for root? At present the root password is the same as admin but I'd like to make a different one if possible.
Brute force attacks on NAS products - how to protect?
Re: Brute force attacks on NAS products - how to protect?
Thank you for your information. Untill this moment, we didn't receive any report about brute force attacks on TerraMaster NAS, but a stronge password is always recommended for admin group users, and it is recommended to change admin password from time to time.
Currently you can't set a different password from admin for root.
Currently you can't set a different password from admin for root.
To contact our team, please send email to following addresses, remember to replace (at) with @:
Support team: support(at)terra-master.com (for technical support only)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)
Support team: support(at)terra-master.com (for technical support only)
Service team: service(at)terra-master.com (for purchasing, return, replacement, RMA service)
- sianderson
- Posts: 293
- Joined: 02 Aug 2020, 03:42
Re: Brute force attacks on NAS products - how to protect?
presumably they can only brute force if the nas drive is exposed in someway or there is malware loaded on an internal connection?
F2-210
4.2.43
4.2.43
Re: Brute force attacks on NAS products - how to protect?
The only time the TOS machine has seen the internet is when TOS was downloaded. Been behind the firewall ever since.sianderson wrote: ↑15 Aug 2021, 00:36 presumably they can only brute force if the nas drive is exposed in someway or there is malware loaded on an internal connection?