Home Tags Synology

Tag: Synology

VU#404187: Synology NAS servers contain insecure default credentials

Synology NAS servers contain insecure default credentials Original Release date: 20 Oct 2016 | Last revised: 20 Oct 2016 Overview Synology NAS servers DS107, DS116, and DS213, use default credentials. Description CWE-255: Credentials Management - C...

Leaky IoT devices help hackers attack e-commerce sites

Millions of IoT devices are misconfigured so that they can forward messages -- which, combined with default admin settings, allows them to be used to attack e-commerce and other websites, a new report says. The problem is well known and has been around...

VU#551972: Synology Cloud Station sync client for OS X allows regular...

The Synology Cloud Station sync client for OS X contains a setuid root executable that allows regular users to claim ownership of system files.

Bitcoin, Dogecoin Issues Raise Doubts About Cryptocurrency

One of the basic ideas behind cryptocurrencies like Bitcoin is that they provide a decentralized form of currency that ensures privacy and security. Events this week seem to point the other way, however, showing that cryptocurrencies aren't quite as decentralized as first thought and might well be a vehicle for user exploitation. With a decentralized structure, no one group should be able to have undue influence or control over Bitcoin. That idea is now being tested as a pair of Cornell university researchers revealed that a Bitcoin mining collective called Ghash.io managed to represent 51 percent of Bitcoin mining power as of June 13. With Bitcoin, as with all cryptocurrencies, new coins are created through a computing-intensive process known as mining. With 51 percent of mining power in the hands of a single group, the Cornell researchers see a real risk. "Ghash is in a position to exercise complete control over which transactions appear on the blockchain and which miners reap mining rewards," the researchers wrote in a blog post. "Bitcoin is currently an expensive distributed database under the control of a single entity, albeit one whose maintenance requires constantly burning energy—worst of all worlds." For its part, the Ghash.io mining pool has known since the beginning of the year that it would likely reach 51 percent of Bitcoin mining during the year. In a press release, the group stated it does not have any intentions to execute a 51 percent attack, as it would do serious damage to the Bitcoin community, of which it is a part. "Our plans are to expand the bitcoin community as well as utilize the hashing power to develop a greater bitcoin economic structure," the group stated. One of the biggest challenges for any one individual looking to mine Bitcoins today is that it is very computationally intensive and not easily done. In fact, the challenge of mining Bitcoins has led to the popularity of alternative cryptocoins, including the Dogecoin. While mining for Dogecoin is easier than Bitcoin at this point, that hasn't stopped hackers from leveraging the power of a distributed botnet to pad their virtual wallets. A report from Dell SecureWorks indicates that hackers installed mining malware on Synology network-attached storage (NAS) devices. The malware authors were able to assemble their own mining botnet that allegedly yielded $600,000 USD in revenue. The Dogecoin botnet and the Ghash.io issues are both interesting in that they help raise doubts about the legitimacy of cryptocurrency. That said, "real" money like dollars (the paper kind) have the same types of risk too. Real money can also be used for crime and can also be amassed by the wealthy to exert control, so why should "virtual" money be any different? Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

Hacker infects Synology storage devices, makes off with $620,000 in Dogecoin

Mining cryptocurrencies is expensive. One hacker passed the cost on to NAS users.

How to implement PXE with Synology NAS

 Overview Equipped with TFTP support and Synology's DHCP Server package, DiskStation can serve as an integral part of your Preboot Execution Environment (PXE) setup. With...

How to set up the Synology NAS as the VPN Server

Overview A VPN (virtual private network) is a private network that uses a public network infrastructure (usually the Internet) to provide secure and encrypted connections...

How to set up Link Aggregation on Synology NAS

Overview Link aggregation is a method of using two Ethernet ports in parallel to provide trunking and network fault tolerance. Link aggregation with trunking feature...

Synology DS214se Reviewed

ProductSynology DS214se Disk Station   [Website]SummarySynology's lowest cost two bay, Marvell-based BYOD SATA NAS supporting all DSM 4.3 featuresPros• Very aggressive price (for Synology)• Runs full suite of DSM 4.3 applications• Mobile Apps for iOS and Android• iSCSI target supportCons• No USB 3.0 ports• 2.5" drives require optional ($) adapter• Drives not hot swappable Are you thinking of doing some holiday shopping for that favorite geek of yours? You're in luck, since Synology recently announced two new 2-bay BYOD NASes.

The subject of today's review—the DS214se—is its lowest-priced dual-bay NAS that's only $10 more than Synology's entry-level single-bay DS112j. Synology sent its first review sample to us, so let's get going. Synology's announcement said the "se" stood for "single-role edition", but there is no mention of this on the product's page. Instead, you find "A Budget-Friendly, Personal Cloud" as the product's catchphrase, which perhaps suits it better. The se's material cost has been trimmed to the bone by using a single-core Marvell Armada 370 SoC with only a minimal 256 MB of DDR3 RAM and 8 MB of flash. Priced at only $160, you can't expect it to burn up the performance charts, but it's not a totally stripped-down NAS, either. It runs the Synology's standard DSM 4.3 operating system including all add-in apps. The front and rear panels are relatively simple, so I've combined both of them into a single screenshot along with the LED status indicator chart. I like that Synology uses a combination of color and blink/static states to show you what's happening at a glance.

An orange LED for either of the Disk indicators means that you have a disk failure.

The front LAN indicator shows connectivity and activity. Synology DS214se front and rear panels with LED indicator chart The rear panel has a single Gigabit Ethernet port with two LED indicators, two USB 2.0 ports, a reset hole, power jack and a Kensington lockdown hole. Note the lack of USB 3.0 and eSATA ports. Inside The image below shows the top of the DS214se's PCB. You can clearly see the Marvell SoC in the center of the board. Synology DS214se PCB top The image below shows the two 2 TB WD Red (WD20EFRX) drives that Synology supplied in the review sample, mounted over the PCB. Since the se isn't a hot-swappable design, you remove two screws on the rear panel, then slide the case apart to mount the drives. Synology DS214se with cover removed The integrated drive brackets support 3.5" drives only.

If you want to mount 2.5" drives, you'll need to purchase special brackets for those. The se drew only 14 W with the two WD Red drives spun up and 7 W when the drives reliably spun down after the programmable idle time elapsed. Noise level was judged as low since it was barely audible in the quiet home office test area.

The fan never spun up to a higher level even under load during testing. The table below summarizes the se's key components. I've included the key components for the $150 Buffalo LinkStation LS421e and the $140 Zyxel 2-Bay Power Plus Media Server NSA325 for comparison.

As you can see, the DS412se is running at the slowest clock speed of the three devices and has half the RAM. It's also missing the USB 3.0 chipset, as the DS214se only supports only two USB 2.0 ports. Key component summary and comparison Related Items: Synology Adds Low-Cost And High Performance Dual-Bay NASesThecus N2310 SOHO / Home NAS Server ReviewedNew To The Charts: Synology DS211New To The Charts: Synology DS211+New To The Charts: QNAP TS-219P+