• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

VPN? Network Security?

matt1147

Weaksauce
Joined
Apr 4, 2006
Messages
104
I have a question;

I have a Synology DS 710+, and would like to give it some security. It says I can set up a VPN and SSL on it. I tried looking up some free VPN's and such and come across Spotflux that overall seems to be good on my laptop. But It doesn't details about it's VPN so I can connect my DS710 to it.

I found OpenDNS which sounds good, but to sign up, it asks for a lot of personal info. Where some other (VPN) services I signed up for is just a basic username and password. I also found a free SSL (level 1) that wants a lot of person info as well.

When looking into Spotflux and VPN's as a whole, they advertise how you can go about doing whatever on the net such as downloading torrents to gaming. For SSL it sounds like if I sign up for it for my DS710 I would have to keep track/almost report the traffic in/out of it. Would there be a greater risk of getting caught if you download torrents and sign up for those services?

Would getting SSL/VPN be a good solution for encrypting the data that comes in/out of my DS710? Or would there be a better service that I can use?
 
unless your doing lots of accessing your synology from outside the house, a VPN is just asking for trouble.
 
What exactly are you trying to accomplish here? VPN and SSL would encrypt the datastream if you are connected to your NAS remotely. It sounds like you are trying to cover illegal file downloading. Neither of these services will accomplish that.
 
Would there be something that can offer a private, secure connection like a VPN?
 
Why do you feel you need a secure connection? As ChRoNo16 pointed out, unless you are accessing your Synology from outside your LAN, VPN is useless.
 
What exactly are you trying to accomplish here? VPN and SSL would encrypt the datastream if you are connected to your NAS remotely. It sounds like you are trying to cover illegal file downloading. Neither of these services will accomplish that.


I am just trying to compare services as some VPN services advertise one thing.

Why do you feel you need a secure connection? As ChRoNo16 pointed out, unless you are accessing your Synology from outside your LAN, VPN is useless.

I am looking for a way to free way to secure my connect to my DS710 to prevent others from snooping on the content I have on it. As some of it is personal and rather not have unwanted eyes looking at it.

I do not want to say im performing illegal activities and want to be remain hidden. Ill save that mumble jumble to Megaulpoader and sites like that:D
 
Keeping people out is what a firewall and good security measures are for. VPN and SSL are not what you are looking for.
 
Keeping people out is what a firewall and good security measures are for. VPN and SSL are not what you are looking for.

And that is essentially comes down just assigning specific IP address for each computer and blocking the rest?

Why do you feel you need a secure connection? As ChRoNo16 pointed out, unless you are accessing your Synology from outside your LAN, VPN is useless.

I do plan on access my Synology from outside my LAN. I would like to be access it remotely from my laptop and cell/iphone. I would like to see it as one really big flash drive for my toys
 
I use a Cisco ASA to do just that. I have the client on my iphone and use the synology apps to stream music and access files remotely. A vpn works great for it. Then again I do networking for a living so yes, it's vastly overkill for home use.
 
Last edited:
first question is, why do you think you, or your data is special enough people want to view it.....

firewall - block everything you dont need and only allow through what you do need.

If someone' wants to get your data, the fact and truth is, they will, period.
 
Some of the basics that are easy to implement:
1) Disable any unused user accounts. Especially "guest". Only have the ones you need enabled.
2) Strong passwords on all accounts, or even better, pass phrases.
3) Enable AutoBlock in the Synology Control Panel. I have mine set to block the IP of anyone with 3 failed login attemps in 60 minutes.

Those three things will greatly increase the difficulty with which to break into your machine. I'm not saying this will keep out a professional identity thief who has specifically targeted you, but it should keep the script kiddies out.

For encrypting data across the wire, I enabled SSL encryption. I got a free StartSSL certificate and installed it using instructions in the Synology Forum. This is adequate enough for my purposes. I mostly access my NAS remotely for using the Audio Station to listen to music at work, so there is not a lot of personal information to steal. I just didn't like my passwords going across the wire in clear text. If you are planning to move a lot of sensitive information remotely, then a VPN setup might work better for you. Synology provides a VPN package so you don't need a special appliance to accomplish this. I played with it for a little bit but decided it was overkill for my purposes and disabled it.
 
first question is, why do you think you, or your data is special enough people want to view it.....

firewall - block everything you dont need and only allow through what you do need.

If someone' wants to get your data, the fact and truth is, they will, period.

I just got some audio that i would like to have access to where my MP3 player isn't big enough to hold all my music. If I can access it from anywhere then It'l beat needing to bring cds around with me and I hope not to have anyone get a hold of my library if possible? The last thing I would want to for people taking it and then I'll take a hit for illegally distributing music.



Some of the basics that are easy to implement:
1) Disable any unused user accounts. Especially "guest". Only have the ones you need enabled.
2) Strong passwords on all accounts, or even better, pass phrases.
3) Enable AutoBlock in the Synology Control Panel. I have mine set to block the IP of anyone with 3 failed login attemps in 60 minutes.

Those three things will greatly increase the difficulty with which to break into your machine. I'm not saying this will keep out a professional identity thief who has specifically targeted you, but it should keep the script kiddies out.

For encrypting data across the wire, I enabled SSL encryption. I got a free StartSSL certificate and installed it using instructions in the Synology Forum. This is adequate enough for my purposes. I mostly access my NAS remotely for using the Audio Station to listen to music at work, so there is not a lot of personal information to steal. I just didn't like my passwords going across the wire in clear text. If you are planning to move a lot of sensitive information remotely, then a VPN setup might work better for you. Synology provides a VPN package so you don't need a special appliance to accomplish this. I played with it for a little bit but decided it was overkill for my purposes and disabled it.


I tried setting up a VPN through Synology package and it seemed to set up fine. The part I'm confused with, Is that on the Status screen it would show the PPTP/OpenVPN as enabled. But how would I connect to it?/have it secure my synology?
 
The last thing I would want to for people taking it and then I'll take a hit for illegally distributing music.

I can't imagine you can get busted for illegally distributing music if someone hacks into your computer and steals it from you. There are far easier ways to illegally acquire music so the chance of someone hacking into your NAS for your music is essentially zero. As long as you don't have a blatantly open share, I wouldn't worry about this. Someone who is hacking you is looking for personal information to steal your identity or use your credit card to buy porn. I assure you they don't give a rat's ass about your music collection.

The part I'm confused with, Is that on the Status screen it would show the PPTP/OpenVPN as enabled. But how would I connect to it?/have it secure my synology?

I think you may not understand what a VPN is. In simple terms a VPN is a secure connection that allows a remote device to behave as if it were on a local network. So a VPN connection on your phone while you are riding a bus would allow your phone to behave as if you were sitting in your sofa watching TV connected to your wireless router. The VPN is just a secure connection between a remote device and the NAS. It doesn't "secure your synology" just the connection to it. You will need a VPN client installed on any device that you wish to connect remotely with. There are several available for every operating system.
 
Back
Top