
Synology NAS system attack/failed login attempt: How to Prevent It

In this guide, we will show you various methods to prevent Synology NAS system attacks and failed login attempts. Network Attached Storage is one of the most secure and cost-efficient ways to store, access, back up, and share files and data. There are quite a few noteworthy players when it comes to creating your own private cloud; however, the offering from Synology is the best in this domain.

On the flip side, though, multiple Synology NAS users have reported an increase in the number of system attacks/failed login attempts from unidentified IPs and locations. Such is the intensity of these attacks that many have reported close to 15 attempts in just under 20-30 minutes from different IP addresses.

As far as the plausible culprits are concerned, all fingers are being pointed at the latest v7.2 update, which seems to have opened up a few loopholes. With that said, there are a couple of security measures that you should keep an eye on and implement at the earliest for a safe and secure NAS ecosystem. So without any further ado, let’s check them out right away.

How to Prevent Synology NAS system attack/failed login attempt


It is recommended that you implement all the below-listed security measures for a safe, secure, and risk-free Network Attached Storage.

  1. Get a proper firewall. I’m not talking about a consumer-grade router that you can buy at Walmart. I’m talking about an actual firewall. Consumer routers are pretty notorious for having bugs that don’t get fixed or don’t get fixed in a timely manner. Plus I wouldn’t trust the security of those. A firewall will give you about 90ish% of the tools you will need. This will provide you with proper logging, geo-blocks, port forwards, etc.
  2. Do not use the default ports. Do not use the top 1000 most common ports. Use ports in the 8000+ range. Bots scan the entire internet all the time, non-stop. However, the internet is massive, so bots scan the most common ports. Avoiding those like the plague will cut down on scan attempts and connection attempts.
  3. Use geo-filters. I have my geo-filter set to only my home country and nothing else. You will be surprised how much this helps.
  4. Only expose what you need and never anything more.
  5. Change the password and disable the guest and admin accounts. There’s no need for those, and they will be the first accounts an attacker will try.
  6. Enable Two Factor Authentication on any account that accesses DSM.
  7. Use the Synology built-in firewall and allow only your home country along with connection attempt lockouts.
  8. Always use HTTPS. Never use HTTP.
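
The failures described earlier come from many different addresses, so a per-address lockout (item 7) may never trip even while the total climbs. The following added example, which is not part of the original article or of Synology's tooling, scans a log export for both patterns; the `timestamp,ip,account,result` line format, the sample data and the thresholds are assumptions, so adapt the parser to your own export.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample (not real DSM output): 12 failures from 12 different
# addresses two minutes apart, then one address failing 5 times in a row.
SAMPLE_LOG = "\n".join(
    [f"2023-06-01 10:{2 * i:02d}:00,203.0.113.{10 + i},admin,failed" for i in range(12)]
    + [f"2023-06-01 12:00:{i:02d},198.51.100.7,backup,failed" for i in range(5)]
    + ["2023-06-01 12:01:00,192.0.2.4,alice,success", "not a log line"]
)

def parse_failures(text):
    """Yield (time, ip, account) for failed sign-ins; skip malformed lines."""
    for line in text.splitlines():
        parts = [p.strip() for p in line.split(",")]
        if len(parts) != 4 or parts[3] != "failed":
            continue
        try:
            yield datetime.strptime(parts[0], "%Y-%m-%d %H:%M:%S"), parts[1], parts[2]
        except ValueError:
            continue

def analyze(text, window_min=30, per_ip_limit=5, total_limit=10):
    """Return (addresses a per-IP lockout would catch, distributed-burst alerts).

    Thresholds are assumed values for illustration, not DSM defaults.
    """
    window = timedelta(minutes=window_min)
    recent = deque()            # (time, ip) of failures inside the window
    per_ip = defaultdict(int)   # ip -> failures inside the window
    locked, alerts, in_burst = set(), [], False
    for ts, ip, _account in sorted(parse_failures(text)):
        recent.append((ts, ip))
        per_ip[ip] += 1
        while ts - recent[0][0] > window:   # expire entries older than the window
            _, old_ip = recent.popleft()
            per_ip[old_ip] -= 1
        if per_ip[ip] >= per_ip_limit:
            locked.add(ip)
        over = len(recent) >= total_limit
        if over and not in_burst:           # alert once per burst
            alerts.append((ts, len(recent), len({i for _, i in recent})))
        in_burst = over
    return locked, alerts

if __name__ == "__main__":
    locked, alerts = analyze(SAMPLE_LOG)
    print("per-IP lockout would catch:", sorted(locked))
    for ts, total, distinct in alerts:
        print(f"{ts}: {total} failures from {distinct} addresses within 30 min")
```

On the sample, the per-address check only catches the single noisy address, while the aggregate check flags the 12-address burst that no lockout rule would have stopped.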

That’s it. Enforce all the safety measures listed above and this should help you prevent the Synology NAS system attack/failed login attempt. If you have any queries concerning these steps, do let us know in the comments. We will get back to you with a solution at the earliest.

