I’m still having issues with getting FTP to work outside my local network, so I gave up and opened a support ticket. After trying the obvious, TechSupport asked to be set up with SSH access. Almost as soon as I opened up SSH, I started getting notifications from my AutoBlock . I’ve had AutoBlock enabled since the start, but the repeated efforts to gain access made me wonder what else I could do to (try) to secure my little server.
In DSM 5.x, Synology has a feature (under Control Panel->Security->Firewall), where you can set up Firewall rules which can be fairly granular in terms of applications, ports, IP addresses (or ranges) , and even on a country basis, and allow you to specify whether, if the rule is met, access is allowed or denied. And since I’d already done a little work to see which countries the (apparent) access attempts are coming from, I decided to set up a country specific block. Now, I know before I started this that IP addresses can be spoofed, so this is only one meager piece to trying to secure the server, but better than nothing. I found this guide as a starting point, though you’ll need to modify for your own circumstances, and, as always, I’m not responsible for any bad things that might happen to your NAS if you follow this process.
I also changed my AutoBlock settings down to allow very few attempts before being blocked.
I’m starting out with very basic firewall settings to see how they work, in combination with the AutoBlock. Even as I write this, I had an attempt to SSH into the server that was AutoBlocked, but not because of the firewall rule.
I had been trying to connect to my site through a series of devices, some on a VPN, some not, so I thought I’d check just to make sure it wasn’t me. It wasn’t me, but it wasn’t one coming from China either (blocked in my Firewall rule). Sigh…
