Thousands of QNAP NAS devices have been infected with the QSnatch malware October 31, 2019

[Miska]

On 11/1/2019 at 4:00 AM, cjf said:

Something storing your personal data in bulk (or watching you) should be placed in a bubble (separate VLAN) with EVERYTHING Inbound/Outbound blocked by default. Were talking all 65,5xx Ports on UDP & TCP. Then 1 for 1 pin hole access rules should be set up for "internal" things needing to access to the NAS on a specific IP and Port basis. Its a PITA to configure and maintain but in times like these its worth every minute spent doing so.

 

If you do all that, why would you go for NAS instead of just running a Linux server with Samba and maybe something else as needed? Only point of NAS I see is that it is a little bit easier to deal with. If that ease is gone, the point of NAS is, IMO, long gone and it is better to go with a proper server instead.

 

[Miska]

On 11/9/2019 at 4:20 AM, cjf said:

The point of having an NAS in a home environment in my view is being able to squeeze as much performance/usable space into the smallest footprint possible that all other nodes on the network can take advantage of. A dedicated proper server smells "big" and "loud" to me and usually is if its being used as a storage node unless your dropping big bucks on an all Flash multi-TB, multi-Disk setup that is passively cooled and has enough CPU/RAM to take advantage of it all.

 

The NAS devices I have are louder than my servers, because they don't have proper sound proofing and have small fans... And one can have a server smaller than a NAS too.

 

On 11/9/2019 at 4:20 AM, cjf said:

My mini NAS runs FreeBSD/FreeNAS (iXSystems@32GB RAM) and every device on my network is Linux except for my music server which unfortunately must be Windows due to my first hop USB DAC not working with Linux at all (Lynx Hilo..damn shame & damn them for not supporting it).

 

I have a HP micro server with ECC RAM and 6 slot 3.5" HDD bay accessible from front panel, running OpenBSD. And a Xeon E5 machine with ECC RAM, running Linux. Music is served by the Xeon E5 machine over SMB (Samba).

 

All HDD/SSDs are fully encrypted, which is not usually properly supported by off the shelf NAS devices. Many NAS devices have also problem that when the NAS device itself dies, the data is hard to access using another NAS by swapping the disks in. Smallest devices have HDD built in and even taking it out is harder and "not supported".

 

All management is done over ssh (password logins disabled, only PKI login), no web junk.

 

[Miska]

On 11/12/2019 at 8:46 PM, Albrecht said:

Several of these have no fans and are very quiet.

 

Spinning discs without sound proofing and anti-vibration mounting are noisy, without any fans needed. Good, big, slowly rotating fans are quieter than spinning discs ever.

 

In addition, many NAS devices for home market have the cheapest possible disks inside. Not the enterprise NAS drives designed for 24/7 endurance for years. But instead the cheap 3 year or less warranty drive models. Good drive models have five year warranty. They usually also don't get regular security updates for the software for 5+ years after manufacturing date (which is likely among the reasons for this thread).

 

Good starting point are WD Red Pro and Seagate Ironwolf Pro drives, designed for NAS use.

 

On 11/12/2019 at 8:46 PM, Albrecht said:

I've been using an iMAC as NAS to play back AIFF files since 2003

 

That's not a NAS, that's a server...

 

[Miska]

15 minutes ago, Albrecht said:

Yes, - and many of the QNAP NAS devices have neither fans or spinning discs, - but SSD drives. Or, - no HDDs, and the user can purchase their own drives separately as I have done.

 

Then it is either very small or very expensive. But sure, I have no problem building a fanless server with SSDs either. One of my servers has 400W fanless PSU, fanless case and Intel i5-6600T CPU with fanless cooling. Totally silent, with two mirrored SSDs. But it is just a firewall for internet.

 

When I think about NAS, I think more about something like three 16 TB HDDs.