Complete guide to protecting your QNAP NAS server from intruders from Jack prabha's blog

When we have a NAS server in our home, we usually have it always on, and we can access it remotely over the Internet using different methods (FTP, FTPES, SFTP, via VPN to the NAS itself, etc.). It is possible that cybercriminals try to attack our server, to access with administrator permissions and take full control of the NAS server. Today in RedesZone we are going to explain everything you can do to protect your NAS server from the manufacturer QNAP, because QNAP incorporates different configuration options and software to greatly improve security and avoid attacks.


NAS servers in general are the target of cybercriminals to steal confidential information, both in home and business environments. QNAP is one of the largest NAS server manufacturers in the world, and it stands to reason that it is the target of cybercriminals. If you want to protect your NAS server as best as possible to avoid external attacks (from the Internet) and also through the local home or business network, pay close attention to this complete configuration tutorial where we show you everything you must do to protect it.


Disable UPnP on the router

The UPnP (Universal Plug and Play) protocol allows the applications of certain devices connected to the local network to tell the router to open a certain port (or several ports) so that they are accessible from the outside. This protocol is useful for users with little knowledge who do not know how to open ports manually on the router, but it also brings many problems, because we will not know exactly which ports are opening (unless we enter the router, UPnP status).


IP cameras, NAS and other devices in our home can make use of this protocol to autonomously open ports on the router, which is a security risk. The best thing you can do is disable this protocol on your router, you must go into the router's web configuration, in the NAT section you will have the UPnP and it will allow you to disable it. Depending on the router model you have, this configuration option will be in one place or another. In our case, we are using pfSense as the main router, and it is in "Services / UPnP", as you can see, we have it disabled by default.


The role of a server technician is to ensure that the network infrastructure in place supports a business. 


Previous post     
     Next post
     Blog home

The Wall

No comments
You need to sign in to comment