Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Security - Firewall your server!!!

Featured Replies

I googled unRAID today and came across someone's server completely open for everyone to see. This server had a 5 beta installed. I renamed this server "Firewall your server" to make this completely obvious to you.

 

I presume this person frequents the forum so PLEASE firewall your server and give your root user a password.

I googled unRAID today and came across someone's server completely open for everyone to see. This server had a 5 beta installed. I renamed this server "Firewall your server" to make this completely obvious to you.

 

I presume this person frequents the forum so PLEASE firewall your server and give your root user a password.

Ouch...

 

If you had given it a root password we could have figured out who it was easier.  :'( 

And then changed the machine name to "Your new root password is 'INSECURE'")

 

Some time in the early 80s I was doing system support via dial-up (pre internet days) fat-fingered a telephone number using "cu" (call unix)

The remote system answered and gave a "login:" prompt.

The person I was working with typed "root"

we had a root shell prompt.  Equivalent Ouch....

We quickly typed "exit"  (personal UNIX was years away...  we can only guess what we had stumbled across)

 

 

 

 

Ouch indeed!

 

Looks like it may have been fire-walled or taken off-line.  I found what I suspect was the same link that Speeding_Ant found, now not active.

It was not my server, but is there a guide to follow to ensure that a firewall is properly setup?

  • Author

The whole point of a firewall is to:

 

a) Stop the outside world accessing your internal network

b) Control which ports and IP addresses flow to internal services. EG, Externally someone would access www.limetech.com, you can specify which internal IP address & port this request should speak to.

 

If you're new to it, I suspect the easiest way to set up your firewall is to not touch much! Most firewalls are setup to be 'secure' enough from the get go. There are some web services that can check if there are any glaringly obvious holes in your setup.

 

I suspect what this person did was set their unRAID server as the NAT "Default Host". All ports were accessible from what I could see.

Likely! ;D I did it for 5 minutes when I was bored.  And quickly shut it off...every port except my router management port was going to the unRAID IP! :o

ScreenHunter_08_Feb._14_15_38.jpg.70cdfdcee90afe4590d2443b4bbab237.jpg

If you get bored visit this website

https://www.grc.com

 

Look for Sheilds Up and tell it to scan your machine. It will normally come back with open ports... Hopefully ones that aren't dangerous. LOL

If you get bored visit this website

https://www.grc.com

 

Look for Sheilds Up and tell it to scan your machine. It will normally come back with open ports... Hopefully ones that aren't dangerous. LOL

+1

GRC is an amazing company, and their free tools are indispensable for security.

Funny it got indexed.  Also surprised the webui was still up,  it lasts about 5 seconds if you throw anything unexpected at it. (xss etc)

  • Author

They must have linked to it somewhere  ::)

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.