• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

How Secure is a NAS on Home Network?

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.

Barryng

Member
Joined
Nov 16, 2001
First, my home network configuration. My home network starts with a Comcast RG(Modem/Wi-Fi/Router). It is not in Bridge Mode, but Wi-Fi is turned off and I use a Netgear Wi-Fi Router. All three TVs are connected via hard wired Ethernet and Wi-Fi is used only for non-Ethernet devices like phones, door locks, garage doors, security cams, etc. Comcast does not allow me to assign different SSIDs to the 2.4 and 5 Gig bands and some Wi-Fi connected devices like single band door locks seem to get confused by this - separate SSIDs solved that problem so I use the Netgear router for all Wi-Fi and it does an excellent job. Putting the Comcast RG in Bridge mode turns off its internal ethernet switch. For reasons I never figured out, the Comcast set top boxes behave much better when connected to the Comcast internal switch than the Netgear Router switch. In other words, All three TV ethernet feeds are connected to the router switch so the Comcast STBs play well and all other ethernet feeds are fed from the Netgear router. My concern that follows is enhanced by the fact that the Comcast router is not in Bridge mode, and it probably handles some of the security functions, along with the Netgear router.

I have a 12 year old Synology DS212 unused NAS I want to connect via Ethernet. It is important the files to be stored on it (backups) remain secure. How safe is this NAS and what can I do to make it even more secure? I intend to use my backup software to encrypt the backups, but I still would like to better understand my exposure.
 
I'd just make sure that it isn't external facing. So that it's only accessible on your LAN
That ability crossed my mind, but I do not have a clue how to do that. I just tried searching to learn more and it appears this is done by accessing the NAS internal settings. To the best of your knowledge, is this correct and does it really provide invisibility and no access to the external world? Thanks
 
I'm not familiar with Synology or their settings. I imagine it is either configured on that box or on the router-side to avoid PlugNPlay port forwarding it externally. I assume the box has a web-interface, could potentially put it on the network and see if you can hit the interface via your phone/an external-to-the-network device and possibly port information included.
 
I have a synology nas and what I did was to make sure quick connect was disabled and created a firewall rule to enable ip address with 192.168.1.whatever to have access while blocking all ports outside of the lan. I'll post a screenshot for you, oh and make sure you have the allow rule at the top of the list or you'll be resetting your nas to factory defaults to get back in, ask me how I know (n)
 

Attachments

  • firewall.png
    firewall.png
    20.9 KB · Views: 6
Back