Advertisement



  1. Things you need to know about the new ‘Conversations’ PM system:

    a) DO NOT REPLY TO THE NOTIFICATION EMAIL! I get them, not the intended recipient. I get a lot of them and I do not want them! It is just a notification, log into the site and reply from there.

    b) To delete old conversations use the ‘Leave conversation’ option. This is just delete by another name.
    Dismiss Notice

QNAP NAS’s - malware attack.

Discussion in 'audio' started by AndyU, Nov 1, 2019.

  1. Dowser

    Dowser Learning to bodge again..

    Huh? My QNAP is not visible to the internet, I am running no services on it that requires it to do so. I am not blocking anything to the QNAP per se, I just have a zero trust policy and ensure whatever internet access router I have only allows in>out initiated connections. Zero incoming Udp/tcp allowed, default drop rule first in my list :)

    I think you need to qualify your statement? :)
     
  2. Amber Audio

    Amber Audio This is the Day

    If your QNAP is infected then it will dial out to the Malware Command and Control Server, any related inbound connections will then be allowed through your Firewall - otherwise you'd be unable to do stuff like surf the web.

    Unsolicited inbound connections will be blocked. Solicited connections will be allowed out and then there is a path back into your network.

    How likley you are to get the infection onto the QNAP is an unknown, in your case highly unlikely, but not impossible.

    Gus
     
  3. Guest432

    Guest432 Guest

    I suggest you pcap your NAS and you'll see it's making outbound connections to things you didn't expect. Having a rule that blocks incoming traffic is OK but it doesn't stop your NAS making outbound connections.

    I'm using a Palo Alto firewall at home and here's a screenshot of my outbound NAS traffic with GitHub as an example:

    [​IMG]
     
    Sibbers likes this.
  4. adamdea

    adamdea You are not a sound quality evaluation device

Share This Page





Advertisement


  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice