FredrickandNeval

joined 11 months ago
[–] [email protected] 1 points 11 months ago

The clue is MUG 🤣 just kidding. Wait until your current is near expiry.

[–] [email protected] 1 points 11 months ago (1 children)

Sorry? I actually own one. Looking to upgrade. HomeLab testing, hobby having fun.

 

We have a 1GB WAN Connection. Needs NAT so performance is a must.

What do you recommend?

[–] [email protected] 1 points 11 months ago

From experience most NAS drives, cctv boxes are built cheap and dirty. They are often slow and the proud product of a shite company/software developer.

Bad actors are running scripts on their servers, automated looking for know exploits in pages, ports and software. They are actively scanning thousands of WAN facing devices a minute.

Web pages are often written with poor practices. There is little to no care for security but just enough to satisfy the end user.

Java script protected pages (may aswell just write the password on the page)

Usernames and passwords embedded into source code. Session variables stored in cookies in plain text. Vulnerable to session hijacking, man in the middle attacks, and more.

One device we pen tested a few years back allowed access to the settings page without logging in. This is due to a header redirect being incorrectly used. The page served the form and tried to redirect the browser. We just stopped the redirect. Changed the password and logged in normally. Potato Security at its best.

These devices often do not have any rate limiting or firewall, which means brute forcing is nothing but pure playground for a nice database of known usernames and passwords. GPUs are fantastic for brute forcing. The more you have the faster you can test usernames and password combinations.

If you must share file access. Setup a VPN. Tunnel into your network securely and then access your NAS.

Assume everyone is gonna get you.

[–] [email protected] 1 points 11 months ago

Firewalls, Port Forwarding Blocking, Log Analysis. Paper is one thing, and practical is another.

Your server will be under attack the moment its facing WAN. Learn how to secure it.

[–] [email protected] 1 points 11 months ago (1 children)

Love it. Well done! How much storage you got?

[–] [email protected] 1 points 11 months ago

111w give or take idle.

 

Looking for a server to host file storage and other services.

Quick eBay and b00m. A Dell T130 with 12TB SAS and 16GB RAM for £50. I'll be honest I thought it was a scam.

4 x 1TB SAS 4 x 2TB SAS

I have no one else to tell about my excitement. This is now setup with a 2 x gigabit connections to my hom network.

Just eBayed another 12TB in SAS drives and could easily get them for £80.