April 10, 20179 yr Any idea of how to do this? Normally I would just set the share export to be 'No', but the flash folder doesn't come up as a share under 'Shares'.
April 10, 20179 yr Community Expert 4 minutes ago, mintjberry said: Any idea of how to do this? Normally I would just set the share export to be 'No', but the flash folder doesn't come up as a share under 'Shares'. Main - Boot Device - Flash - SMB Security Settings. I have mine set to Yes (hidden) so I can still access by specifying the path, but nobody can browse to it.
April 10, 20179 yr For just a brief moment, I thought this thread was about something totally different. http://www.brownells.com/rifle-parts/muzzle-devices/flash-hiders/index.htm
February 13, 20188 yr I am not sure i get what you mean. Do you mean hiding the flash folder via file manager?
February 13, 20188 yr Community Expert In the unRAID webUI: On 4/10/2017 at 5:40 PM, trurl said: Main - Boot Device - Flash - SMB Security Settings. I have mine set to Yes (hidden) so I can still access by specifying the path, but nobody can browse to it.
February 13, 20188 yr On 4/10/2017 at 7:38 PM, jonathanm said: For just a brief moment, I thought this thread was about something totally different. http://www.brownells.com/rifle-parts/muzzle-devices/flash-hiders/index.htm Remind me to never piss you off!
June 25, 20188 yr I appreciate all the great info in this thread. I have been connecting to my server from a MacBook via AFP. Then today, I connected via SMB and "Flash" showed up as a share. This alarmed me momentarily because I had just been messing around moving files with the Krusader docker. And I had recently watched Spaceinvader One's video on Krusader and using it to backup the flash drive. And I was meaning to do backup the flash drive but read that the array should be stopped first. So of course I was puzzled as to what I could have done. Then it occurred to me that "Flash" is not visible via AFP. So, I searched the unRAID forums, instead of the obvious step of checking the flash settings under the main tab. Lol. So, after the backstory, I do have a question. Does it matter (possible negative outcomes) if the flash drive SMB security settings are set to "Export: No" and "Security: Private"? Thanks in advance.
June 25, 20188 yr Community Expert 1 hour ago, DoItMyselfToo said: Does it matter (possible negative outcomes) if the flash drive SMB security settings are set to "Export: No" and "Security: Private"? If it isn't exported then security is irrelevant. Shouldn't matter to anything actually running on the server since SMB is only involved in network access. Also, you can download a backup of flash from the webUI at Main - Boot Device - Flash. The only consequence of not stopping the array before getting the backup is a parity check if you restore the backup. More dangerous is using an old backup that doesn't match your current disk assignments.
June 25, 20188 yr 5 minutes ago, trurl said: If it isn't exported then security is irrelevant. Shouldn't matter to anything actually running on the server since SMB is only involved in network access. Also, you can download a backup of flash from the webUI at Main - Boot Device - Flash. The only consequence of not stopping the array before getting the backup is a parity check if you restore the backup. More dangerous is using an old backup that doesn't match your current disk assignments. Ahh. Makes sense. So I'll just either set to "Export: No" or "Export: Yes (hidden)". I just don't want to see it unless I need to manually make changes. Seems like Terminal is a place to mess around under the hood anyway. Thanks for the tip on backing up the flash drive. I wasn't aware of this function. Do you have a recommendation for how often to backup the flash drive? Edited June 25, 20188 yr by DoItMyselfToo
June 26, 20188 yr 47 minutes ago, DoItMyselfToo said: Do you have a recommendation for how often to backup the flash drive? Every time you do a version upgrade, or a disk configuration change. When you change drives, make sure you mark all previous backups as extremely dangerous, not to be used intact, only as reference.
June 26, 20188 yr 47 minutes ago, jonathanm said: Every time you do a version upgrade, or a disk configuration change. When you change drives, make sure you mark all previous backups as extremely dangerous, not to be used intact, only as reference. So, whenever I make system changes, I'll do a backup of my flash drive. Thanks for your input.
June 26, 20188 yr 9 hours ago, DoItMyselfToo said: "Export: Yes (hidden)" Hidden is security by obscurity. So not very good. It would be good if the share has a name consisting of a large number of random characters that an attacker needs to guess. But with a fixed name, it isn't very hard to check i there is an invisible share.
June 26, 20188 yr Community Expert 3 hours ago, pwm said: Hidden is security by obscurity. So not very good. It would be good if the share has a name consisting of a large number of random characters that an attacker needs to guess. But with a fixed name, it isn't very hard to check i there is an invisible share. I only use hidden to prevent accidents by other users on my LAN, for real security you would want to do more.
June 26, 20188 yr Just now, trurl said: I only use hidden to prevent accidents by other users on my LAN, for real security you would want to do more. Yes, hidden is basically to hide noise and to introduce a bit of additional protection from mistakes - requiring the user to turn on the brain and do some manual interaction to access. A traditional virus will not know about the additional shares, while an automated hacking tool may have a significant list of share names to scan for.
June 26, 20188 yr 6 hours ago, pwm said: Hidden is security by obscurity. So not very good. It would be good if the share has a name consisting of a large number of random characters that an attacker needs to guess. But with a fixed name, it isn't very hard to check i there is an invisible share. Yeah, it is. Mostly I don't want to have it visible when accessing my shares for routine stuff. Last thing I need to do is accidentally corrupt my flash drive. As @trurl says "...to avoid accidents..." Though, it really wouldn't hurt to "Export: No" and then once in a while have to change the export setting to take care of a task. Edited June 26, 20188 yr by DoItMyselfToo
June 26, 20188 yr 27 minutes ago, DoItMyselfToo said: Yeah, it is. Mostly I don't want to have it visible when accessing my shares for routine stuff. Last thing I need to do is accidentally corrupt my flash drive. As @trurl says "...to avoid accidents..." Though, it really wouldn't hurt to "Export: No" and then once in a while have to change the export setting to take care of a task. Yes, but you should still consider protecting it from other peoples access. Hidden but with public access is bad. Hidden with private access is good.
June 26, 20188 yr 48 minutes ago, pwm said: Yes, but you should still consider protecting it from other peoples access. Hidden but with public access is bad. Hidden with private access is good. Good point.
Archived
This topic is now archived and is closed to further replies.