Anyone with a Synology NAS you should be aware.. by Duncan

User avatar
that with increasing difficulty in taking control of PCs to act as spam relays, there seem to be attempts to hack into synology NAS boxes that are running mailserver software in order to use them as mail relays. I noticed a significant number of attempts to log into mine from a selection of no doubt spoofed IP addresses. However as I have reasonable passwords, and have disabled unused accounts like guest, they didn't get in. I've now put an autoblock on IP addresses that try multiple failed logins.

This may apply to others as well, but when I checked the Synology forums, I'm in no way alone, though many people had been hacked using the guest account, or with the default admin passwords. Even if you don't use one of these boxes, take it as a warning to change away from the default passwords on any router or other device that's accessible from the outside world.

Posted 09 Apr 2013, 17:05 #1