Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Internet security

Featured Replies

Hi,

 

I know generally speaking you'd rely on your router to offer protection against a server and I've read on various threads about people advising folk to get their server back behind DMZ protection.

 

My question is. Out of the box and once a good password has been applied to 'root' user. Are there any internet risks that would lead to hackers or sniffers being interested in my server?

 

Telnet is only accessible if you have the password right?

What about SMB shares etc?

 

 

Any password can be cracked... Its just a matter of time

When you setup shares you choose if they are available to anyone on the network, if someone has to login, or if you wand to handover to AD to handle permissions. If you pick the default anyone who can get onto your network can get into your shares.

 

I'm not sure I understand your question. What is your objective / concern?

 

 

  • Author

more prevention.

 

I was not sure if UnRaid was internet ready if ever exposed to the net.

 

But generally speaking if all users have good passwords and SMB shares are set to use a password. There are no risks if no other apps have been installed?

 

Hi,

 

I know generally speaking you'd rely on your router to offer protection against a server and I've read on various threads about people advising folk to get their server back behind DMZ protection.

 

My question is. Out of the box and once a good password has been applied to 'root' user. Are there any internet risks that would lead to hackers or sniffers being interested in my server?

 

Telnet is only accessible if you have the password right?

What about SMB shares etc?

 

First you should never have your OotB unRAID server on a DMZ, or fully open to the internet.

 

Yes hackers and sniffers would tonally be interested in your server. People have posted logs with attempts to log into via SSH every couple of seconds when they had that open to the internet.

 

There are no risks if no other apps have been installed

 

I believe you are asking "If I install something like Plex and forward ports for Plex to have intrenet access is that a risk?"

 

The answer is yes, but it's a standard risk that everyone that uses Plex takes. Someone might find security issues with Plex that allows exploitation, so you are really relying on the security of that app.

Hi,

 

I know generally speaking you'd rely on your router to offer protection against a server and I've read on various threads about people advising folk to get their server back behind DMZ protection.

 

My question is. Out of the box and once a good password has been applied to 'root' user. Are there any internet risks that would lead to hackers or sniffers being interested in my server?

 

Telnet is only accessible if you have the password right?

What about SMB shares etc?

 

To me it sounds like you are saying "if I have a good password, and install no more apps, can I just expose the server to the internet directly ?".

 

Well: NO !  Unraid is only meant to be used in a LAN environment, it would be a very bad Bad BAD idea to put it fully in a DMZ ..

 

Question would be though: Why would you ? What do you want to do that you think you need your unraid system to be in a DMZ for ?

You don't want to expose anything to the internet at first except your router, if your UnRaid server is behind your router you are fine. If you start opening ports on your router to allow in SSH, you are asking for trouble, hackers scan port 22 all the time so the only think between a hacker accessing your server at that point is your password, and they will try and try and try to guess it. If you need remote access to your UnRaid server I suggest you look into VPN solutions.

Unless he is confused about what a DMZ is --- his OP would make a lot more sense if we assume he thinks the DMZ is the protected part of a LAN.

 

What makes me think that is the use of "back behind DMZ protection" -- that would make a lot more sense if he misunderstood what a DMZ is.

  • Community Expert

Q1: Why would anyone want to hack my server?

A1: Because it's there.

 

Q2: Why would anyone go to the trouble to hack my server?

A2: No trouble at all. It's all totally automated these days.

  • Author

Hi,

 

I feel that I understand DMZ fine. DMZ enables the ability to isolate a segment of the network and open it up to the internet (remove firewall protection) by entering the IP into DMZ.

 

Hi,

 

I feel that I understand DMZ fine. DMZ enables the ability to isolate a segment of the network and open it up to the internet (remove firewall protection) by entering the IP into DMZ.

 

Meaning that every request originating from the internet that is not sent to another system (by portforwarding) is sent to that system..

 

I can hardly think of any system you would want to host in that environment.. for personal use..

 

Why would you want to do this ?

 

Forgive me if this analogy is a bit weird but feels like you are asking "I have this knife and I am thinking of sticking it in my stumach, should I insert on the left or right hand side" ..

 

There might be an answer to that question (left is nog such a good idea), but a much more important reply would be: WHY?? We are using our knives to peel apples and slice our steaks...

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.