Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Is somebody watching me?

Featured Replies

Hi there

 

Currently i have my entire server public by a DMZ port on my router for testing. I know this is very unsafe, and i have a very difficult password on my root user. I was taking a look at my log files, and they are endless! Are these logs attempts to SSH and telnet into my server? And should remove my server from the exposed port right away? Isn't SMB be exposed without any login?b262ec2.png

  • Community Expert

...Are these logs attempts to SSH and telnet into my server? And should remove my server from the exposed port right away? Isn't SMB be exposed without any login?...

3 x yes

For heavens sake get your server back behind the firewall and out of the dmz. There is NO USECASE to have your server open to the Internet.

 

Whatever you're trying to achieve there will be a way to do it safely. Tell us what you want to do and we will help.

I've never opened my server up to the internet like this, because I'd heard all the warnings about people trying to get in via SSH.....

 

I'd kind of assumed it was a reality but also in my head thought people had always exaggerated somewhat the number of attacks/attempts that would occur. 

 

Al least now I know it's true!  :o

  • Community Expert

These sorts of attacks are completely automated and it takes absolutely no effort on the part of the attackers to find open systems to attack and attack them relentlessly.

I'm surprised your server hasn't been raped and pillaged already.

Well now we have a thread to point as to why you don't do this...

If still like to know why he / she did it, what was being tested and attempted to be achieved?

  • Author

Well.. Now it has been removed prom the exposed port. I did this, because i have a very unstable router and only here in the initial phase, for testing purpose. I cannot access my router when i am other places than my home (of course not) but i can reset it remotely. Every time i reset my router, all my portforward settings are lost, and it would not be possible to access my server and i could not do any work for a couple of days.

 

I needed access to ftp, the web gui, all docker apps, and my VMs. Because i was messing around with all kind of settings here in the initial phase, i thought it would be easiest to just expose the entire server, with a good password, and luckily my server isn't containing any personal or sensitive date, and no one even did break my root password..

 

Now it is closed and i can't access my server, until i get home tomorrow.

 

What would you do? I can't access ftp if i portfw my router to port 21, i can access my docker containers by portfw all ports.. How do i access the webgui, other than remote desktop into a vm, that is located on the same network as my server? If i want to access my shares, how do i do that? It would be nice if there was some kind of docker that could expose shares, to different kinds of users?

 

Thanks..

Setup an OpenVPN server at home and VPN in to get the access you need .

  • Author

Setup an OpenVPN server at home and VPN in to get the access you need .

 

Would openvpn then just run in a docker container then?

  • Community Expert

Setup an OpenVPN server at home and VPN in to get the access you need .

 

Would openvpn then just run in a docker container then?

See if your router already has VPN. Many newer ones do. My ASUS has OpenVPN and DDNS built-in.

Setup an OpenVPN server at home and VPN in to get the access you need .

 

Would openvpn then just run in a docker container then?

 

What trurl said but also yes. Search OpenVpN-AS in Community Applications.

Just curious, what is the difference between the OpenVPN-AS and the OpenVPN Server?

Just curious, what is the difference between the OpenVPN-AS and the OpenVPN Server?

 

https://openvpn.net/index.php/access-server/section-faq-openvpn-as/32-general/225-compare-openvpn-community-and-enterprise-editions-.html

 

Basically one is a community edition and one is a commercial product. Good thing is the commercial product comes with 2 free license so is good for allot of use cases for people using unRAID IMHO.

 

It works out of the box and is up and running in a matter of minutes with none of the config heartache of messing with config files etc

 

Note that those licences are "per user" and not simultaneous connections. For instance I am only one user but I have connected to the server 5 times using the same keys and logon profile 5 times simultaneously.

 

Got it :)

So basicly, since the lisences is pr user, most normal home users that will only be using this for themself will get a long way with  the AS one.

Got it :)

So basicly, since the lisences is pr user, most normal home users that will only be using this for themself will get a long way with  the AS one.

 

Correctomundo!

I've had my router on the open by mistake for about 2 hours, and someone was able to access my root account (using default install and all) :(

 

I noticed by looking at the logs.

 

Had to tear everything down and start from scratch, being more careful this time.

 

I'm now at about 162 days uptime with the new setup :)

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.