Jump to content

Securing unRAID


Recommended Posts

I just setup my first unRAID server (5.0beta13).  Regarding securing the server, the configuration tutorial strongly suggests that the server NOT be exposed to the Internet. I have a 10 year old D-Link wired router, and I don't plan on getting a wireless router anytime soon.  Here are the steps I have taken to secure the server:

 

1) Changed root password for unRAID to something secure.

2) Changed admin password on my router

3) Left firewall settings of the router at the default values -> is this OK?  Anything I should change here?

4) If I purchase the paid version of unRAID I will setup passwords for the user shares.

 

Would you say that this is secure enough? I am not storing state secrets on my unRAID server, but I do have irreplaceable family photos and such that I would not like to lose to some hacker.  Also should I get a new router or is my 10 year old router fine (note that I have a gigabit switch between PCs so the router is only for internet access and firewall)?

Link to comment

I just setup my first unRAID server (5.0beta13).  Regarding securing the server, the configuration tutorial strongly suggests that the server NOT be exposed to the Internet. I have a 10 year old D-Link wired router, and I don't plan on getting a wireless router anytime soon.  Here are the steps I have taken to secure the server:

 

1) Changed root password for unRAID to something secure.

2) Changed admin password on my router

3) Left firewall settings of the router at the default values -> is this OK?  Anything I should change here?

4) If I purchase the paid version of unRAID I will setup passwords for the user shares.

 

Would you say that this is secure enough? I am not storing state secrets on my unRAID server, but I do have irreplaceable family photos and such that I would not like to lose to some hacker.  Also should I get a new router or is my 10 year old router fine (note that I have a gigabit switch between PCs so the router is only for internet access and firewall)?

you should be fine unless you attempt to open up the router ports to allow access to your LAN from the internet.  If you do, and do not do it exactly right, then NOTHING on your LAN is secure.  (For any given LAN, there is only one exactly RIGHT solution, and many VERY VERY wrong.  Security professionals would typically not risk guiding you... since there are so many ways for the script kiddies to get to your files if you open your LAN to the outside world.)

 

One more thing.  If you have irreplaceable family photos, and do not have another backup of them in an alternate physical location, you are making a huge mistake.

unRIAD protects you from a single disk failure, not from losing data.

 

Purchase a USB drive, copy all the priceless photos to it, store it physicall elsewhere... Your office, a safe-deposit-box at the bank, a family member's house, etc. Somewhere off-site.  Otherwise, all if would take is one fire/flood/tornado/lightning strike to wipe out your unRAID server and the photos with it.

 

Joe L.

Link to comment

Thanks Joe.  I don't plan on opening up any router ports to the Internet; the NAS is purely for home use.  I'm going to check the router config page to see if there are any ports that are open.

 

I'm hoping to use unRAID for primary storage of media (photos, videos) and other files.  I almost have enough spare parts to build a second server (minus the hard drives) so ideally I would ilke to have a primary unRAID server for storage, and a backup unRAID server to rsync everything on the primary.

 

Link to comment

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...