NAS As Remote File Server

We have had a Synology 210j file server at work for a few months now. Having a central store of all of our files  has been very useful. We don't have to worry about different version of files when collaborating.  Also, the documents are securely and remotely backed up every night using Cobian and RSYNC.



However, security was an issue. The file server shipped with a firewall that blocks access after a certain number of unsuccessful log in attempts. Almost immediately after being set up, the file server started to report blocked IPs. The fix was to disable FTP and set up SFTP instead. Also, and this is the most important step, set the external ports to a random, non-standard port. FTP typically uses port 21 and SSH uses port 22. Hackers will normally scan only the standard ports unless they are specifically targeting your server. If you set your system to use non-standard ports, then you will be left out of their attacks. After changing the ports, I had no more blocked access attempts. To change the external ports, go to your router's port forwarding page. Leave the internal ports the same for FTP, SSH, and SFTP but change the external ports to a random number that you remember.

The Synology 210j has had great uptime. We don't use very advanced features aside from the remote access via FTP. For those small businesses that use Google Apps for mail, calendaring, and contacts, setting up a Synology file server may be a great alternative to a full Microsoft Exchange Server.

Comments

Popular posts from this blog