Good to hear, happy to help!

There are AV options available through the apps on the Nas

Nice! I found some bugs in the qnap stuff a few months back, got a few CVEs out of it 😓

Thanks!

No problem, sorry I'll try go a bit slower next time. You can always play it slower at 0.5x speed or something :)

I disagree. A quick roundup video of things one can do to harden device security like this should be just that. And with almost eight minutes of video for ten possible "things you've missed or not thought about" and giving a few small pointers in the general direction of where to find said function in the diverse menus I believe this video is pretty darn spot on as far as length goes. After all this is not a "howto" video. A video of, for instance, how to secure a QNAP NAS with a public certificate instead of the self published one could cover half an hour or more easily. This is especially true if every mouseclick is demonstrated and explained in detail which is actually pretty desirable in a good "howto" video, especially for less experienced viewers.

+Brazil Uluwita no problem!

No problem!

+Mohamad Zaroura no problem!

Hmm I've never seen that option in mine, that does sound very useful though.

It's under the options menu (Where you can also change the wallpaper style etc.)

Link to QNAP howto: www.qnap.com/en-au/how-to/tutorial/article/how-to-enhance-account-security-using-2-step-verification

2 Step Authentificatn can be skipped by typing in an alternative password. That sucks so much. The idea behind MFA is that you need 2 independant devices (e.g. your brain and mobile phone). But in QNAP you can replace the mobile phone with the google authenticator token by an alternative Password you have defined before (lets say a strong password which is stored in my password database). But what happens if my password database is hacked or the connection is captured by man in the middle. Its always the same password until I change it. The google token is always different because its based on time. In my mind: QNAP would solve this with an alternative password ONLY if you press a key on the qnap hardware itself to allow to accept the alternative password. So you ensure someone hst physical access to the nas device.

I suppose you could do that, if you're concerned about the password for the admin account being compromised. Only real reason I can imagine doing that is to prevent password brute force guessing attack on the known 'admin' user, but if you have set a sufficiently strong password trying to do that shouldn't be successful anyway.

As far as I am able to tell at the moment it's still not possible to disable and/or alter the username of the builtin admin account, even on the newer QNAP NAS models.

No problem!

Oh that's no good, I've never had any problems with updates myself but I suppose it will vary between models

Unfortunately, this is where I am right now... 5 hours later, several admin PW changes later, update to previous firmware... still no access. Is there a way one could somehow could remotely access the file system and access the MySQL database? I kind of doubt that, as by default, it doesn't offer that, unless you specifically permit that (which I did not, for security reasons, of course).

I've never tried that myself so not sure on the process sorry, maybe check the guides for the unit and see what info they have available, my model had some web pages showing how to do similar upgrades and install an SSD cache.

Depends where you save it, it's definitely worth making an offsite copy of it securely, otherwise RIP all your data if you forget a password. I save mine in an encrypted file elsewhere.

Nothing I guess, unless you can see the code of everything running on the system you have no idea, which is why many people opt for open source solutions - not that they actually audit the code themselves anyway so not sure how big of a difference it is.

Jarrod'sTech Exactly... So why would any business choose to use these devices to store their data? I don’t have a business and just use my Qnap NAS for personal usage. I would make my own server and NAS if I was to use it for running a business.

I also use mine for personal use, so it's not an issue. You could say the same about using Windows though, who knows what backdoors exist, you can always be super paranoid but realistically I'm not sure it's too likely some company is going to care enough to go through some random small businesses data, assuming their device is on the Internet for some reason.

@@JarrodsTech Intel loves back doors!

I don't put mine on the Internet, so it's impossible to access remotely. If you need to access it remotely then limit access by IP address or VPN, then you are putting your trust in their software and hoping it is vulnerability free.

Can't do that directly. But you can set QuFirewall to allow only IP's from ceratin regions (countrys).

Thanks, it was just a suggestion, there has to be a better way so people don't leave the defaults, maybe if it forced change on login, that'd probably work.

I agree with Jarod's Tech. Forcing users to change the default password on first login/device installation to a secure password should be the way to go for manufacturers of any device with a network connection. Also, one wants to be able to delete or at least disable the built-in administrator account after creating a administrator account with a useraccount name of ones own choosing to further enhance security. But as far as I can tell QNAP, while creating pretty awesome products, still do not offer that function even on their newer models. There are simply to many devices out there with the default credentials still in place, because the manufacturer does not force the end user into changing them. As far as I am concerned the thinking behind this was already flawed ten years ago but nowadays? You could say it's pretty unacceptable. And if anyone reading this believes this is a "their problem" kind of situation, think again. When big websites suffer from DDOS attacks initiating from a botnet of Internet of Things devices it becomes everyones problem.

👍

For what, remote connectivity from the Internet? Perhaps, if you trust their implementation of a VPN service that would always be running and available to the Internet.

Jarrod'sTech no I have ProtonVPN and use my Qnap NAS as an VPN client connected to ProtonVPN so if I use the same ProtonVPN server/ip I can remote connect everywhere only with the vpn enabled and it works like if I am on my local network so I can go into my router settings if I am outside in Las Vegas for example.

Jarrod'sTech yo

Nah.

Cool, didn't know that was an option although I suppose if you have physical access it's moot when you can probably pull out the power or otherwise negatively affect it.

I haven't run the benchmarks but I doubt it's 300%, yes there is obviously performance loss with encryption, sorry you thought it necessary to point out, the point here is to secure, which that does, not to improve performance/optimize anything.

To be fair, perhaps it was a 30% loss which would make more sense. The point is you need to give people the full picture. Otherwise they go around making changes to their NAS not understanding the ramifications and creating issues for them down the track.

lol

Nah. If you can't keep up slow the video speed down.

@@JarrodsTech I am not the first to say it's spoken too fast you sound like Alexa :)

@@marksimmons9252 Yeah well it's an older video so nothing I can do about it lol, it was how I edited my old videos, I cut out a lot of the gaps between sentences, I leave bigger spaces in more recent videos so it's already been addressed

😎

Sure, I guess spinning drives up from being stationary causes more stress compared to leaving then running constantly.

Go RED. Problem solved. Seagate is always making excuses for why their stuff fails...........ALL THE TIME!

Yeah I've improved the spot where I record since this so there should be less echo.

While not a native english speaker I had zero problems understanding every word you said. As far as I am concerned don't change anything (Apart from your recording spot that is, which you already have done.) as far as tempo and pronuncation goes: You're spot on and it keeps the videos nice and bite-sized. If people have trouble comprehending what you are saying (Which I didn't) I suggest they just rewind a few times, if people are stating they trouble to actually hear what you are saying because of the fact that you supposedly are talking to fast I disagree completely. Very good video, keep up the good work!

@@JarrodsTechI'm not a native english speaker and listened to your video at 125% speed without problems...