QNAP NAS

QNAP online resources collection

Image
QNAP is the famous private cloud solution provider, the main product is NAS (Network attach Storage), this article collect QNAP online resources and help QNAPer / NAS beginner quickly know how to select NAS and find application information, if any suggestion website, welcome to comment and share with us. QNAP website  https://www.qnap.com/en/ Topic include NAS, Operation System, Application, Tutorial / FAQ , Forum and Customer Service.
Post a Comment

Security Advisory for eCh0raix Ransomware

Security Advisory for eCh0raix Ransomware
Release date: July 11, 2019

Security ID: NAS-201907-11

Severity: High

CVE identifier: N/A

Affected products: QNAP NAS devices

Summary
The eCh0raix ransomware is reportedly being used to target QNAP NAS devices. Devices using weak passwords and outdated QTS firmware may get infected.
We are urgently working on a solution to remove malware from infected devices and will release it at the soonest possible time.
If you have any questions regarding this issue, please contact us through the QNAP Helpdesk.

Recommendation
To avoid infection, you must:
Update QTS to the latest version.

Install and update Malware Remover to the latest version.

Use a stronger admin password.

Enable Network Access Protection to protect accounts from brute force attacks.

Disable SSH and Telnet services if you are not using them.

Avoid using default port numbers 443 and 8080.

Installing the QTS Update
Log on to QTS as administrator.

Go to Control Panel > System > Firmware Update.

Under Live Update, click Check for Update.
QTS downloads and installs the latest available update.

Installing/Updating and running the latest version of Malware Remover
Log on to QTS as administrator.

Open the App Center, and then click the Search icon.
A search box appears.

Type “Malware Remover”, and then press ENTER.
The Malware Remover application appears in the search results list.

Click Install or Update.
A confirmation message appears.

Click OK.
The application is installed or updated to the latest version.

Open Malware Remover.

Click Start Scan.
Malware Remover scans the NAS for malware.

Changing the Device Password
Log on to QTS as administrator.

Click the profile picture on the QTS Task Bar.
The Options window opens.

Click Change Password.

Specify the old password.

Specify the new password.
QNAP recommends the following criteria to improve password strength:
Should be at least 8 characters in length

Should include both uppercase and lowercase characters

Should include at least one number and one special character

Must not be the same as the username or the username reversed

Must not include characters that are consecutively repeated three or more times

Verify the new password.

Click Apply.

Enabling Network Access Protection
Log on to QTS as administrator.

Go to Control Panel > System Security > Network Access Protection.

Configure SSH protection.

Select SSH.

Specify a time period and the number of failed login attempts.

Configure HTTP(S) protection.

Select HTTP(S).

Specify a time period and the number of failed login attempts.

Click Apply.

Disabling SSH and Telnet Connections
Log on to QTS as administrator.

Go to Control Panel > Network & File Services >Telnet/SSH.

Deselect Allow Telnet connection.

Deselect Allow SSH connection.

Click Apply.

Changing the System Port Number
Log on to QTS as administrator.

Go to Control Panel > System > General Settings > System Administration.

Specify a new system port number.
Warning: Do not use 443 or 8080.

Click Apply.

Acknowledgements: Anomali Labs and Intezer

Revision History: V1.0 (July 11, 2019) - Published

Comments

Post a Comment

Popular posts from this blog

How to use MongoDB on QNAP NAS ?

Image
How to use MongoDB on QNAP NAS ? MongoDB  is a  cross-platform   document-oriented database  program.   Classified as a  NoSQL  database program, MongoDB uses  JSON -like documents with  schemata . MongoDB is developed by  MongoDB Inc. . in QTS, already have the MongoDB qpkg in the app center, in this article will introduce how to setup MongoDB by using Container Station
Read more

How to setup influxDB and Grafana on QNAP NAS ?

Image
InfluxDB  is used as a data store for any use case involving large amounts of timestamped data: DevOps observability, IoT analytics & real-time analytics. Grafana : The leading open source software for time series analytics. already have some tutorial talking about setup influxDB and Grafana using docker  2017/04 Setting up InfluxDB and Grafana using Docker 2017/01  Linking InfluxDB and Grafana and today we are using QNAP NAS and their software tool Container Station to introduce How to setup influxDB and Grafana on QNAP NAS ? based on the tutorial (Chinese) https://github.com/qnap-dev/qnap-qiot-sdks/tree/master/projects/dae-modbus-influxDB-example
Read more

How to use PostgreSQL on QNAP NAS ?

PostgreSQL is a powerful, open source object-relational database system. It has more than 15 years of active development and a proven architecture that has earned it a strong reputation for reliability, data integrity, and correctness. It runs on all major operating systems, including Linux, UNIX (AIX, BSD, HP-UX, SGI IRIX, Mac OS X, Solaris, Tru64), and Windows. It is fully ACID compliant, has full support for foreign keys, joins, views, triggers, and stored procedures (in multiple languages). It includes most SQL:2008 data types, including INTEGER, NUMERIC, BOOLEAN, CHAR, VARCHAR, DATE, INTERVAL, and TIMESTAMP. It also supports storage of binary large objects, including pictures, sounds, or video. It has native programming interfaces for C/C++, Java, .Net, Perl, Python, Ruby, Tcl, ODBC, among others, and exceptional documentation.
Read more

QNAP QVR Pro Client user guide

Image
QVR Pro  provides 8 embedded monitoring channels, allowing you to quickly build a cloud surveillance environment hosted on your QNAP NAS  QVR Pro Client  allows you to monitor cameras that are connected to the  QVR Pro  server and flexibly switch between live and playback modes to take full control over the monitored area.  QVR Pro Client  can be installed on Windows ® , Mac ® , Ubuntu ®  devices or on the  QNAP  HybridDesk Station on the NAS. You can also install the mobile version on you iOS or Android devices from the Apple Store or Google Play.
Read more

How to setup GPU on QNAP NAS (QTS 4.3.5+)

Image
How to setup GPU on QNAP NAS (QTS 4.3.5+) ! Actually QNAP start to support GPU in QTS 4.3.5, so that if you are using QTS 4.3.6 or QTS 4.4.0 you can use GPU as well. in this tutorial we will  introduce QTS & setup GPU with QNAP NAS QTS 4.3.5  https://www.qnap.com/qts/4.3.5/en QTS release note  https://www.qnap.com/en/releasenotes/?cat_choose=5
Read more

How to use QNAP IoT solution - QIoT Suite

Image
Online Help Menu Overview Home Home introduction Quick Setup Wizard User Profile API Documentation for reference IoT applications Add IoT application Import IoT application Export IoT application IoT application Stop IoT application Delete IoT application Dashboard How to initialize the Dashboard Edit Widget Export Widget Share Dashboard Rule QNAP Customized Node Debug message Things Add Thing Thing info Mass deployment Delete Thing Search Thing Thing Types Add Thing Type Delete Thing Type Search Thing Type User Add User Edit user info Delete User Search User Settings API Keys Administrative Settings QIoT device gateway settings QIoT server network configuration myQNAPcloud service settings Back up QIoT Suite Lite Restore QIoT Suite Lite System Services About
Read more

How to use Home Bridge on QNAP NAS ?

Image
How to use Home Bridge on QNAP NAS ? download link :  https://www.qnapclub.eu/index.php/en/qpkg/738 HomeKit support for the impatient (Beta] Install homebridge + Legacy Plugins Homebridge is a lightweight NodeJS server you can run on your home network that emulates the iOS HomeKit API. It supports Plugins, which are community-contributed modules that provide a basic bridge from HomeKit to various 3rd-party APIs provided by manufacturers of "smart home" devices. Since Siri supports devices added through HomeKit, this means that with Homebridge you can ask Siri to control devices that don't have any support for HomeKit at all. For instance, using just some of the available plugins, you can say: Siri, unlock the back door. [pictured to the right] Siri, open the garage door. Siri, turn on the coffee maker. Siri, turn on the living room lights. Siri, good morning! - QPKG - integration - bundled with NodeJS , automatic install on Start all files are within /opt/HomeBridge/
Read more

卸任倒數 宏碁突圍再出奇招 不轉型雲端 施振榮:我就是罪人

卸任倒數 宏碁突圍再出奇招 不轉型雲端 施振榮:我就是罪人 四月三十日,台北飄著細雨,卻無礙宏碁董事長施振榮的好心情,剛回家的施振榮臉上掛著笑容,準備對媒體大談他回鍋六個月的心情。而這天,距離他卸下董事長職位,只剩下四十八天。 這不是宏碁第一次遇到轉型瓶頸,一九九二年、二○○○年,施振榮都成功發動宏碁轉型,每次轉型也都將宏碁市值推向巔峰。可是這次的轉型難題是最艱鉅的一次,因為宏碁已經連續虧損了三季,市值從一○年巔峰時期的二七六八億元,掉到只剩五五七億元,更別提股價只剩二十元上下。
Read more