Just stumbled across this (overly dramatic?) article and thought I’d just post it here…

It’s more to act as a reminder that if you’ve got a NAS that is serving content to the interwebs, then make sure it’s behind a proxy of some kind to prevent weaknesses (ie in the management Web UI) being exposed.

Obvz, this article is pointing to Zyxel, but it could be your DIY home-built NAS with Cockpit: CVE-2024-2947 - just an example, not bashing that project at all.

I’ve used Squid and HAProxy over the years (mostly on my pfSense box) - but I’d be interested to know if there’s other options that I’ve not heard of

  • SayCyberOnceMoreOP
    link
    fedilink
    English
    arrow-up
    4
    ·
    6 months ago

    I must get around to looking into 2FA / MFA sooooon (next ~5 years)

    Did you find it really straight forward to get setup?

    I think the fear of getting started with these things is sometimes worth it (home system offline for days) but often it’s quite simple…?