Random Attempted Connection From Public IP's

[aedan929]

Ever since I put my server online using dyndns I have been getting messages on the screen of my NAS, example image shown below. I am scared what could be going on behind my back, but then im left to blame for making it probably insecure in the first place. I wouldn't be posting this if I knew those ip addresses but I don't and they are obviously external/public ones. Anyone got any idea on whats going here? Some help would be greatly appreciated! If I am being hack or you guys see any clear vulnerability in my setup please tell what I should do to fix that or refer me to a post. Thanks so much! Have a good day!

 

[m0nkey_]

This is a perfect example of why you shouldn't expose FreeNAS to the Internet. If you need to access your FreeNAS box while away, it's recommended to set-up a VPN.

 

[aedan929]

This is a perfect example of why you shouldn't expose FreeNAS to the Internet. If you need to access your FreeNAS box while away, it's recommended to set-up a VPN.

Yeah I'm gonna start working on that for sure! But since whoever got reach of my NAS is possible that they could get into it even though almost every user on my NAS has a custom password?

 

[garm]

Those are port scanners run by US DoD, China, Russia, google, other organized crime and a small army of script kiddies. As soon as they detect open ports they will start hammering it with default accounts and passwords. If you for some reason stand out from the white noise, they might start to try and bruteforce your password or attack vulnerabilities. You really shouldn’t expose sshd or any other part of FreeNAS to the internet. If you have to do it without putting proper security in front of it, you should set up a dedicated jail for external exposure. But I wouldn’t do that either without a vpn. And the vpn should run on a dedicated DMZ with a os locked down tight.

 

[nojohnny101]

Maybe a good question to ask the original OP is:

Why did you open up SMB shares to WAN? What are you hoping to achieve?

 

[aedan929]

Maybe a good question to ask the original OP is:

Why did you open up SMB shares to WAN? What are you hoping to achieve?

I kind of forgot about this post as it started to slow down and even came to a stop for a week, but it started again, thankfully slow this time. I do this so I can access my files from other places, my main reason is so I can edit videos while in remote locations and not have to use external drive. I've been working on making it more secure and stuff lately so it's getting better, I almost have a working VPN for it, on the brinks of having it up and running! I look forward to not having to worry about this anymore! For now it's just disabled as I have importtant info on there such as government issued things ex. SSN Card. I also have old security footage I was trusted to store for a bank since I build and rebuild servers for a bank security company and I would be sentenced to life behind bars if any of it is leaked as stated in the agreement. So yeah, I'm really scared as for now and everything other than LAN access is disabled.

But, everyone I know who has a NAS (2 people) use Windows Server but they can access theirs outside of their home. In my opinion a nas is worthless. if you can't access it outside of home. Just my opinion may be stupid but whatever.

 

[aedan929]

One thing I'm also doing is changing default port, no more 22, so it's a bit harder to guess! But I will also block any IP's that show up if they can get past my vpn which is now setup. So far everything id s good now, and there have been no connection failures! Thanks for the help! :)