Securing folders and files in a NAS


overclucker
01-05-09, 11:20 PM
I just bought a D-Link DNS-343 that uses the ext2 file system. Since it is not NTFS I cannot encrypt and lock folders. How would I go about doing this? I'd rather lock folders and the subfolders and files within.

I do not know much about ext2 and its security options, but the D-Link device doesn't have any features to lock a folder or files from viewing.

EDIT: Is TrueCrypt compatible with ext2?

Jolly-Swagman
01-06-09, 12:01 AM
Yes, it is compatible, and you can get it here: http://www.truecrypt.org/

overclucker
01-06-09, 08:46 AM
would that be my best option for keeping data protected?

gangaskan
01-06-09, 09:01 AM
would that be my best option for keeping data protected?

it would encrypt it, yes :)

burningcpu
01-06-09, 09:35 AM
It can still be deleted by a regular user. The PW is only needed to access the archive.

overclucker
01-08-09, 10:33 AM
so ext2 has no encryption features like NTFS has?

mbentley
01-08-09, 10:51 AM
so ext2 has no encryption features like NTFS has?

ext2 is a *nix file system. the ntfs security permissions are totally different than an ext2 partition. with a nas storage device, it is possible to secure it but it typically depends on the nas device itself as to how much security it includes since really the nas device is like a small linux box running on your network.

i'm going to take a look at the manual for that device to see if it has more advanced security features.

*edit: take a look at this:
ftp://ftp.dlink.com/Multimedia/dns343/Manual/dns34_manual_100.pdf

i would go to page 29 and start reading.

By default, all volumes are open to anyone on the local network with read/write access. Before specific user or group rules can be created, the default rules must be deleted.

overclucker
01-08-09, 11:49 AM
yeah I saw that, from what I saw there's only 2 options.. read and read/write. From what I saw there's no way to exclude non-authenticated users from viewing files or folders.. only not being able to write to them.

mbentley
01-08-09, 12:03 PM
yeah I saw that, from what I saw there's only 2 options.. read and read/write. From what I saw there's no way to exclude non-authenticated users from viewing files or folders.. only not being able to write to them.

that is quite odd... i can't believe that they wouldn't make a way to deny access to all others not in a group :confused:

overclucker
01-08-09, 12:25 PM
that is quite odd... i can't believe that they wouldn't make a way to deny access to all others not in a group :confused:

that's what I thought too.. it seems to be too user friendly.. From what I've heard the NAS does run SAMBA. Is there a way, if I can get into a shell, to configure file and folder security?

mbentley
01-08-09, 12:30 PM
that's what I thought too.. it seems to be too user friendly.. From what I've heard the NAS does run SAMBA. Is there a way, if I can get into a shell, to configure file and folder security?

i would imagine that if you can get root access on it that it should have a samba config file in /etc/samba/smb.conf or /etc/smb.conf assuming that it is following the standard config file location

gangaskan
01-08-09, 12:33 PM
could try SSHing into it :)

overclucker
01-08-09, 01:02 PM
so from there i could configure file and folder access permissions?

mbentley
01-08-09, 01:10 PM
so from there i could configure file and folder access permissions?

here is an example of the share definitions in my smb.conf:

#============================ Share Definitions ==============================
[tmp]
comment = temporary file space
path = /tmp
public = yes
writeable = yes
write list = "MBENTLEY/mbentley"

[homes]
browseable = no
writeable = yes

[storage]
path = /mnt/storage
public = no
writeable = yes
create mask = 0770
inherit permissions = yes
inherit owner = yes
force create mode = 0770
force directory mode = 0770

[media]
path = /mnt/storage/media
public = yes
read only = yes

[www]
path = /var/www
public = no
writeable = yes
create mask = 0770
inherit permissions = yes
inherit owner = yes
force create mode = 0770
force directory mode = 0770

[printers]
comment = All Printers
browseable = no
path = /var/spool/samba
printable = yes
public = yes
writable = no
create mode = 0700

[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
guest ok = no
writeable = yes

so basically you will want to find the share definition and add a line that says "public = no". i would also make sure to create a backup of your smb.conf before doing anything. after you modify the file, you will need to restart samba or just restart your nas device.

the best example would be my "[storage]" share. the access is controlled by actual file permissions. i also have my server talking to my windows active directory for authentication so it might be different.
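
An added example, not part of the original post: a small Python audit of the "public = no" advice above, listing which shares in an smb.conf still admit guest (unauthenticated) users. The function names and the sample text are constructed for illustration, and the parser covers only the share parameters discussed here (it ignores `include` files and the `[global]` `map to guest` setting).

```python
# Samba synonyms: "public" == "guest ok"; "read only" is the inverse of "writeable".
SYNONYMS = {"public": "guest ok", "writable": "writeable", "write ok": "writeable"}

def normalize(key, value):
    key = " ".join(key.lower().split())          # names ignore case and extra spaces
    key = SYNONYMS.get(key, key)
    flag = value.strip().lower() in ("yes", "true", "1")
    if key == "read only":
        return "writeable", not flag
    if key in ("guest ok", "writeable"):
        return key, flag
    return key, value.strip()

def parse_shares(text):
    """Return {section: {param: value}} for smb.conf-style text."""
    shares, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = shares.setdefault(line[1:-1].strip(), {})
        elif current is not None and "=" in line and line[0] not in "#;":
            key, value = normalize(*line.split("=", 1))
            current[key] = value  # a later line overrides an earlier one
    return shares

def guest_shares(text):
    """Map each share that admits unauthenticated users to its access level."""
    findings = {}
    for name, params in parse_shares(text).items():
        # Samba defaults: guest ok = no, read only = yes
        if name.lower() != "global" and params.get("guest ok", False):
            writeable = params.get("writeable", False)
            findings[name] = "guest-writeable" if writeable else "guest-readonly"
    return findings

# Constructed sample, trimmed from the share definitions in the post above.
SAMPLE = """
[tmp]
public = yes
writeable = yes
[storage]
public = no
writeable = yes
[media]
public = yes
read only = yes
"""

if __name__ == "__main__":
    print(guest_shares(SAMPLE))
```

Running it against a copy of the real file (read the file and pass its text to `guest_shares`) before and after editing shows whether any share is still open to guests.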

overclucker
01-08-09, 01:47 PM
so by changing it to "no" it will prompt me for a username/password anytime i access the NAS?

mbentley
01-08-09, 02:10 PM
so by changing it to "no" it will prompt me for a username/password anytime i access the NAS?

by changing it to "no", it should only allow the users & groups that you have created to access it and disable anonymous read access.

overclucker
01-08-09, 02:21 PM
sweet! can't wait to try!

when you say users and groups.. I'm guessing the ones I create in the web interface also reflect into the linux OS?

mbentley
01-08-09, 02:24 PM
sweet! can't wait to try!

when you say users and groups.. I'm guessing the ones I create in the web interface also reflect into the linux OS?

that is what i am guessing but i can't be positive because i am not sure how the device works.

just remember to always make a backup of any config file you change so you can change it back if you mess it up!

overclucker
01-08-09, 02:45 PM
ok how do I do that? I'm not very linux inclined.

mbentley
01-08-09, 02:47 PM
ok how do I do that? I'm not very linux inclined.

just copy the file.

cp smb.conf smb.conf.backup

overclucker
01-08-09, 02:50 PM
gotcha thanks! you have been a big help mbentley. :-)

mbentley
01-08-09, 02:53 PM
gotcha thanks! you have been a big help mbentley. :-)

no problem. if you do get root access on the box and need help, just ask. it is hard to say what sort of text editor, if really any, will be available on it. should be interesting to see...

overclucker
01-08-09, 03:07 PM
okay i will PM you if i need some help.