Equium Duo Posted December 15, 2011 Posted December 15, 2011 Hi All, There seems to be a high number of 'break-in attempts' on my server. Should I be worried? http://dl.dropbox.com/u/30220896/syslog-2011-12-15.txt There's loads of entries!! This is probably when someone points out big probem in my unraid server that i haven't seen yet. The connexant stuff is related to my custom unraid which has the drivers etc. for my tv card. And xmltv doesnt always play ball! Thanks for looking! Chris
squirrellydw Posted December 15, 2011 Posted December 15, 2011 I have no clue but I would be. Might want to change the subject of the original post.
Joe L. Posted December 15, 2011 Posted December 15, 2011 Hi All, There seems to be a high number of 'break-in attempts' on my server. Should I be worried? http://dl.dropbox.com/u/30220896/syslog-2011-12-15.txt There's loads of entries!! This is probably when someone points out big probem in my unraid server that i haven't seen yet. The connexant stuff is related to my custom unraid which has the drivers etc. for my tv card. And xmltv doesnt always play ball! Thanks for looking! Chris I would not worry as much about the entries that say that login failed, but I would worry since there are no records of a successful login. You are being attacked. unRAID is NOT secure as normally delivered. There are many logins with no passwords on most of the default unRAID installs on early versions of unRAID. Since the password file is carried forward, even when upgrading, you could have these same vulnerable IDs if you have not assigned non-trivial passwords.
Equium Duo Posted December 15, 2011 Author Posted December 15, 2011 I didn't upgrade this version (if version is the riight word) of unraid was created from a clean install of unraid 5.0 beta10. I don't know if that still applies? I dont have a trivial password. Well the only thing that is trivial is my tvheadend stream account, but that only allows streaming of TV. Not that my connection could handle that haha! I don't necessarily store anything sensitive on my unraid server, so can i ignore it? Should i disable port forwarding on ym router for the time being? Chris
squirrellydw Posted December 15, 2011 Posted December 15, 2011 unRAID is NOT secure as normally delivered. There are many logins with no passwords on most of the default unRAID installs on early versions of unRAID. Since the password file is carried forward, even when upgrading, you could have these same vulnerable IDs if you have not assigned non-trivial passwords. Don't wanna hijack the thread but I upgraded from 4.x to beta 5.x. What is the best thing for me to do? You say there are many logins with no passwords, how can I delete those or what should I do?
dgaschk Posted December 16, 2011 Posted December 16, 2011 I didn't upgrade this version (if version is the riight word) of unraid was created from a clean install of unraid 5.0 beta10. I don't know if that still applies? I dont have a trivial password. Well the only thing that is trivial is my tvheadend stream account, but that only allows streaming of TV. Not that my connection could handle that haha! I don't necessarily store anything sensitive on my unraid server, so can i ignore it? Should i disable port forwarding on ym router for the time being? Chris Disabling port forwarding would definitely help with security.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.