In recently issue mentioned in Check And Solve If Your QNAP NAS Has been Injected a CPUMiner Program, QNAP quickly release Malware Remover 2.1.0 to help. Let’s take a look at this program and go detail.
Continue reading “Detail Explain of QNAP Malware Remover 2.1.x”
It’s been discussed from 2017/4/18 on disk_manage.cgi hogging CPU usage and 2017/4/28 on Mobil01: QTS 4.3.3 正式版問題討論區 #86 that there is a mining program using your NAS to work for mineXMR.com
I have check my TS-119P II (QTS 4.3.3) and TS-251A (QTS 4.2.2), none of them have this program. Here is my summary of this issue from internet:
Continue reading “Check And Solve If Your QNAP NAS Has been Injected a CPUMiner Program”
After successfully install GIMP and LibreOffice on my new Mac Mini Late 2012 running Yosemite, I have problems to launch them. GIMP is very slow to open while LibreOffice stuck on verifying forever.
I follow suggestions on 2.8.2 very slow to launch on OS X 10.6.8 on GIMP on OS X suggest to turn off network. It does help to speed up GIMP but LibreOffice.
It’s quit busy in Synology forum about a coin miner started on 2014/2/8 by Joakim Lotsengard on Synology Page in Facebook. Someone use CVE-2013-6955 and CVE-2013-6987 to insert a coin miner program running in the background. It takes all CPU resource and slow down your access to NAS.
You may see the the press from Synology if you want to learn more about this issue. Please follow the instruction to remove the unwanted program by reinstall DSM and update manually.
UPDATE @ 2014/8/6 – SynoLocker use the same vulnerability to encrypt files and ask for money. Y-Combinator has a threaded discussion. You need to upgrade your DSM manually. It is not found by auto-update. Please refer to Downgrade Synology DSM for detail instructions.
I am going to show you how to check yourself and harden your NAS covering Asustor ADM, QNAP QTS, Synology DSM and ThecusOS 6.
UPDATE @ 2015/4/1 – Add security on ThecusOS 6.
Continue reading “Synology Security Issue and How-to Harden your NAS”
For non-expandable NAS, there might be some hidden services open but not shown in web admin. You may use nmap to explore.
Continue reading “Find out more Available Service by your NAS”
Buffalo HD-LX2TU3 is my first secured external HDD box. Because I am not comfortable with the high operation temperature and the small power adapter, I decide to open the case, move the hard drive to QNAP TS-112, and use the SATA to USB 3.0 bridge as a quick connector.
I use the bridge to clone the hard drive in my Lenovo C440 AIO to a new SSHD. When I swap them, it never boot up.
Continue reading “Contents in Secure External HDD is Encrypted”
It is easy to setup and run your WordPress Site but difficult to protect from hackers and spam. That’s why I choose to adopt the free WordPress.com which helps me to focus on contents.
When I setup WordPress for my customers, I will secure wp-config.php and limit the database account to current WordPress database only. It prevent access to the WordPress configuration file which contains the database account and password in non-encrypted format. Even if they get the file, the database user account is limited to access the WordPress database.
Continue reading “Secure wp-config.php and Restrict database privileges to protect your database”
Amigo's Technical Notes 