Is QNAP Security Any Good?

preview_player
Показать описание
Articles from Video for further reading

Connecting With Us
---------------------------------------------------

Lawrence Systems Shirts and Swag
---------------------------------------------------

AFFILIATES & REFERRAL LINKS
---------------------------------------------------
Amazon Affiliate Store

UniFi Affiliate Link

All Of Our Affiliates that help us out and can get you discounts!

Gear we use on Kit

Use OfferCode LTSERVICES to get 5% off your order at

Digital Ocean Offer Code

HostiFi UniFi Cloud Hosting Service

Protect you privacy with a VPN from Private Internet Access

Patreon

#QNAP #Ransomeware #NAS
  1. Lawrence Systems
  2. LawrenceSystems
  3. qnap security
  4. qnap security alert
  5. qnap security warning
  6. qnap security flaw
Рекомендации по теме
Is QNAP Security 0:06:27

Is QNAP Security Any Good?

Commentary on QNAP 0:09:17

Commentary on QNAP and Synology NAS Security. Are They Secure?

QNAP NAS - 0:32:38

QNAP NAS - Making Your NAS as Secure As Possible

Critical Sudo Flaw 0:00:54

Critical Sudo Flaw Found in QNAP NAS Devices

QNAP Security and 0:13:33

QNAP Security and Vulnerabilities - CVE-2022-27596

Are QNAP NAS 0:47:39

Are QNAP NAS Drives Safe? Deadbolt, QLocker, Security & Responsibility

Top 10 QNAP 0:07:09

Top 10 QNAP NAS Security Tips

QNAP Information Security 0:12:01

QNAP Information Security 101 | Improve device defenses, prevent attackers & develop a recovery ...

QNAP NAS Setup 0:26:07

QNAP NAS Setup Guide (2024) - Secure Your NAS from Vulnerabilities

QNAP's Security Counselor 0:08:29

QNAP's Security Counselor - What you need to know!

QNAP NAS devices 0:08:06

QNAP NAS devices hit in surge of ransomware attacks

Secure Your QNAP 0:22:57

Secure Your QNAP NAS - Best Security Settings To Keep Your Data Secure

Hardening your QNAP 0:07:01

Hardening your QNAP NAS for improved security against malware attacks

QNAP update time 0:00:40

QNAP update time - again #nas #qnap #security #deadbolt #infosec

QNAP QLocker Continued 0:35:16

QNAP QLocker Continued - How Angry Should People Be and What Could QNAP Have Done

OpenSSL Vulnerabilities in 0:08:43

OpenSSL Vulnerabilities in Synology & QNAP NAS - What Is Going On?

QNAP High Powered 0:13:16

QNAP High Powered NAS - Pt4: Security and how to secure your device

QNAP Nas + 0:00:15

QNAP Nas + Veeam: the ultimate solution for secure, high -performance Backups #backup #nas #qnap

Simplifying Data Protection 0:00:16

Simplifying Data Protection with QNAP and Windows Server

How to Make 0:13:19

How to Make QNAP NAS Secure

QNAP Removes Backdoor 0:02:04

QNAP Removes Backdoor Account in NAS Backup

QNAP Deadbolt Ransomware 0:08:06

QNAP Deadbolt Ransomware

I've just been 0:22:52

I've just been HIT by a global ransomware attack, QNAP need to be held accountable for this

QNAP NAS offers 0:00:22

QNAP NAS offers scalable, secure storage for Milestone & Nx Witness VMS—backup & expansion! ...

Комментарии
Автор

You are spot-on about QNAP software. And it's pretty easy to see... Just press F12 after you have logged in and look at the console tab in the Chrome debugger. That area should be empty if you are writing good software. But what you will actually see is code that is in beta.... It has comments it has chrome warnings about using outdated techniques. And most importantly it has errors. Their software is a joke. DO NOT expose a QNAP NAS to the internet.

LokiDaFerret
Автор

Tom, I have had a qnap for over 7 years and you are spot on. The company has several backdoors and I keep finding their help service process running even when I scour around to kill. This help service give them full access to your device and information. Back in 2015 when I got hit with a bootloop attack they where able to access (rootkit) and bring it out. Of course the raid tables where gone but it booted. After this I removed all data and functions except plex. I just don’t trust them and their ability to maintain security.

Kattakam
Автор

I'm so glad that i chose Synology instead of QNAP 6 years ago. My DS415+ has been running until today. Not only that the device can last so long, I'm surprise that DSM7.0 is still being supported for my old device until today.

PineapplePi
Автор

So this post is just saying "Don't buy QNAP, because they're insecure." Sounds pretty simple to me. Got it! Thanks Lawrence.

OnesimusX
Автор

I love my old qnap 8 Bay nas.. upgraded to 16gb memory from the stock 4gb removed the factory 500mb USB flash and put in an ssd then installed truenas core 😀

Richard
Автор

This is not the first time for QNAP. If they can force an update, so can a threat actor. They are dead to me.

keyboard_g
Автор

Glad i just finished moving over the Synology from Qnap. Always had issues and did a firmware update and screwed over my raid 5. 20TB i couldnt reclaim unless i wiped it all! Bought the Synology that you did a video on and couldn't be happier!!!

MrLocoAndrew
Автор

It's a pity because they have way more hardware configuration options than Synology, but I have always found the Synology OS more polished. Have been on Synology for many years and have always found them very robust and reliable - the  of the NAS world ;)

deonh
Автор

Security is one of the reason, I kept my QNAP behind Pfsense firewall and VPN configured on it. Prior to that I used get lot of unknown login attempts on my NAS as DNS was exposing the public I.P

GianeshwarJamwal
Автор

At our datacenter we had 2 12Bay QNaps used for backups (one backup and one backup of the backup) they randomly threw out disks.. in one year over 10 (!) disks where thrown out by the system. need I say that those are now being replaced with truenas solutions instead?

ChuckyGang
Автор

Thanks for your video. I almost bought a QNAP instead of a Synology just because they had 2.5 Gbe NIC at the consumer level.

tofu_golem
Автор

It's a bit saddening, because the three(!) QNAPs I have have been rock solid for 10+ years, and the one time I managed to trash my RAID config (granted, I had help from the "intelligent" automatics and how it handles new disks...) support were very helpful and got everything back for me, despite being out of warranty for years at the time. I've not had any forced updates, so I'm wondering if this is a feature of the newer 64-bit platform? I'm also not running any services beyond CIFS, NFS and iSCSI nor are there any ports forwarded to any of them, so I'm crossing fingers that I'll be good until my home-built TrueNAS box is up and running properly.

koma-k
Автор

You must act wisely. I have 2 QNAPs. The first is cut off from the internet (I have important data there), the second is cheap and connected to the network and has regular copies, including a disk image. If a hacker deletes or encodes my data, I will recover it quickly. However, QNAP's internet connection is not an important part of my network. Synology is lucky because it is a much less popular NAS than QNAP.

darekw
Автор

Crazy with the force update and Iscsi commentary and impacting 3600+ devices. I know some companies have firmware that can't be rolled back do to "major" fixes. I'm guessing qnap management thought the threat was so bad, they forced the update due to the potential impact. A bit scary that they have a backdoor to push this out (so thanks for relaying that).. what if the "push"from QNAP is compromised. Security is everyone's problem.

sklise
Автор

I have a QNAP that I have overall been very happy with overall, however I saw tons of login attempts as admin (which I disabled during the initial configuration) and removed the cloud component of it as a result of that. I have remote access VPN so if need to get to it when I am away from home I can, but it shouldn't be reachable without breaching my environment in some other kind of way first. It does suck that the cloud component of that isn't really usable though.

That said as a company their security posture is absolutely unacceptable.

Gearbhall
Автор

Have had security problems with QNAP some years ago. Caused a lot of problems for me personally. Never any QNAP for me again.

HermanIdzerda
Автор

For years had issues with qnap, all the time security updates, nearly never could run the nas for a week without restart because of updates

ig
Автор

How about the security of QNAP 10GbE desktop managed switches? I was considering buying a QSW-M1208-8C instead of a NETGEAR ProSafe XS716T - since NETGEAR also have a poor reputation for firmware updates frequency / security and they only recently released a security firmware update for the XS716T switch after TWO YEARS (2019-2021) - at least the QSW-M1208-8C seems to have gotten updated every 3 months or so since early 2021 going by their website change-log.

QNAP's managed switch GUI looks more modern / user friendly than NETGEAR and their most recent switch update states they've added digital signing to firmware and prevent downgrading to an earlier version.

So whilst QNAP NAS devices might not be recommended from a security standpoint, does the same opinion also apply to their managed switches?

mashiroshiina
Автор

Hardcoded session ID = "unintentional backdoor" 🤨🧐

seeingblind
Автор

QNAP and Synology are based in Taiwan. Taiwan was established and remained a dictatorship for many decades. It's in the mindset to force updates.

jnagarya