being probed/attempted hacks

The NAS has been getting a significant amount of hack attempts, since I enabled the MailServer functionality.

About 10-15 times in a 24-hour period, people (or, to be more accurate, things, because these probes are probably automated) attempts to log on to the root of MailServer as the primary user.

I guess that the bots that trawl the internet looking for open ports probed for, and found, the open port 25 (MailServer port) against the static IP address that the NAS uses.

My first line of defence was to implement a ‘three strikes and you’re out’ security policy. This will ban, for life, the IP address of anyone who unsuccessfully attempts to log on to the NAS three times.

My second line of defence was to set each NAS account and each email account with a new, digitally-encoded password, that meets GCHQ encryption standards.

I did check out the first couple of dozen IP addresses, but the only thing I learned was that invariably they were based in China.

It amused me that the Chinese Government (hacking community? – what’s the difference between the two?) would be so keen to get their hands on my priceless collection of unsigned music.

Or the many thousands of amusing Garfield strips that I keep, for some reason.

Or the entire second series of Outnumbered that I’ve never quite got around to deleting.

Or my porn.

Ahem.

So I have implemented two lines of defence: three strikes and you’re out for life, and all passwords set to a very high standard.

Is there anything else I can add?

Bear in mind we are only talking about probes to the MailServer – an application on the NAS – not probes to the NAS itself.

Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *