Difference between revisions of "Synology"
Jump to navigation
Jump to search
(Created page with "=Hardening= The certificates are stored in /usr/syno/etc/certificate/_archive. The INFO file defines what applications the certificates are used for. The certificates are in...") |
m (→Hardening) |
||
| Line 6: | Line 6: | ||
[https://bpmsg.com/how-to-make-your-synology-disk-station-nas-more-secure/comment-page-1/ This page] has some good hardening tips. | [https://bpmsg.com/how-to-make-your-synology-disk-station-nas-more-secure/comment-page-1/ This page] has some good hardening tips. | ||
| − | Some of the things I did | + | Some of the things I did: |
| − | + | * 2 factor authentication on the web interface | |
| − | + | * Moved ssh to a high port on my router (NAT xxxx -> synology:22) (and disabled from the internet when not needed) | |
| − | + | * Disable HTTP access | |
| − | + | * Installed another webserver as frontend as I doubt synology publishes all security updates in time. | |
| − | + | * Set home directory protection from 755 to 700 | |
| − | + | * Disabled admin account | |
Revision as of 21:31, 5 August 2018
Hardening
The certificates are stored in /usr/syno/etc/certificate/_archive. The INFO file defines what applications the certificates are used for. The certificates are in subdirectories with a yet unknown naming convention.
This page has some good hardening tips.
Some of the things I did:
- 2 factor authentication on the web interface
- Moved ssh to a high port on my router (NAT xxxx -> synology:22) (and disabled from the internet when not needed)
- Disable HTTP access
- Installed another webserver as frontend as I doubt synology publishes all security updates in time.
- Set home directory protection from 755 to 700
- Disabled admin account