Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

(SOLVED) Possible SMB Exploit

Featured Replies

I was recently attacked with !0XXX ransomware on my UnRAID Server

 

It only affected one share instead of all of shares

 

I had the SMB port open (which is no longer open on my router) so that I can access it over the network with DuckDns but under the shares tab they are all set to private and it uses a standard user with password. Based on the below link on Reddit I don't think it was something that was downloaded because Radarr / Sonarr can't execute files and it occurred during the night while I was sleeping.

 

https://www.reddit.com/r/unRAID/comments/ovuxry/0xxx_ransomware_0xxx_support_topic_page_3/

 

I had the port open for one reason and that was to use the OpenDrive application on my work Windows computer to upload from one of the shares (unaffected) it only affected a share that wasn't in use by the OpenDrive Application.

 

https://www.bleepingcomputer.com/forums/t/753400/0xxx-nas-ransomware-0xxx-support-topic/page-3

 

This ransomware only affected Linux users globally in the past week and everyone on the above link suspects Samba is the cause.

Was there a reason you were not using a VPN link (via WireGuard on Unraid) which would be much more secure?

  • Author

I've never heard of that before, I only used the SMB when I wasn't at home, Is WireGuard similar to OpenVPN?

 

I thought OpenVPN was only supposed to be used to access the main page 

 

I'm still new to UnRAID

Edited by sheldz8

1 hour ago, sheldz8 said:

I've never heard of that before, I only used the SMB when I wasn't at home, Is WireGuard similar to OpenVPN?

 

I thought OpenVPN was only supposed to be used to access the main page 

 

I'm still new to UnRAID

Once you have a VPN in place it can be used to access anything on the Unraid server.  If configured correctly then anything on the home LAN can be accessed. It is normally mentioned in the context of the main page as that is not hardened against attack from the internet.

 

WireGuard is an alternative to OpenVPN and is built into Unraid.  It has the advantage that it runs even when the array is stopped.

  • Author
1 hour ago, itimpi said:

Once you have a VPN in place it can be used to access anything on the Unraid server.  If configured correctly then anything on the home LAN can be accessed. It is normally mentioned in the context of the main page as that is not hardened against attack from the internet.

 

WireGuard is an alternative to OpenVPN and is built into Unraid.  It has the advantage that it runs even when the array is stopped.

Thank You I will check it out

  • sheldz8 changed the title to (SOLVED) Possible SMB Exploit

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.