I had 1 Synology NAS for about 8 years and I've had my upgraded one for about 3 years. I'm that guy who knows enough to get things working, but likely just barely, and with several (unknown to me) security holes. In the past week I've decided to dig in, learn more, and harden the security and functionality of my system. I've mostly done this with the help of your fantastic videos. You are a great teacher. Thank you sincerely! Cheers
Timely! I'm in the process of replacing a client's aging QNAP NAS with a Synology model. (I have a lot more experience with QNAP, but went with Synology this time because I'm uncomfortable with how many times QNAP has been successfully targeted by ransomware criminals in the past few years and not impressed with the alacrity of their responses nor with how seriously they took each incident. Taking a pass on QNAP for awhile.) Your videos have been a great help to me, but this one is a real treasure trove! I'm implementing each and every thing you recommended. You've earned yourself a new member, my friend!
I bought my DS216+II in 2018. As a non-tech person, I was glad that I managed to set things up and used my NAS as a backup using Synology Drive. However, I really did not know what I was doing. All those years, I did not have the NAS security set up properly as you explain here. Thank you for your video. It's really helpful.
Good job on this video. Common sense approaches anyone can take to secure their files. Synology is king for not putting any of these features behind a paywall. Lets give them praise!
Thank you, great tutorial. I am setup pretty much exactly as you described and I thought I knew my stuff, however I still learned a couple things from you!
Thank you for this very important tutorial! I have set my hyperbackup external device to be ejected after the backup. Just to make sure that there is no access in case of an attack. I also unplug it. I always wanted to suggest to zoom your screencasts to maximize the window you are showing.
Great stuff again Will, I just saw it to check if I'm still ok with my settings, because I follow everything from you. It was fine, learned a lot from you, thanks for that, your a great teacher.
Love the info! Snapshots saved me once when I accidentally overwrote some files. I was easily able to back and retrieve them. Snapshots is one of the coolest features ever.
Great info, you convinced me to use snapshots even though my NAS backs up my file server, i see the advantages of using snapshots. Too bad syno doesn't describe the use more in depth in their Package Center or more people would be using this tool
In our firm, see a lot of our clients that have been hit with ransomware. One of the key areas the cybercriminals target is the backups. So it's vital to protect the backup as well, and snapshots are the bomb for this. I run one NAS with snapshots and MFA required for all access, and all those protection settings, plus it is not available to internet. Then I have an occasionally connected NAS that backs up the primary. Yep. I'm paranoid. It's not a matter of being a "high priority" target for hackers. They run scripts to automatically hunt for "easy targets." You really, really don't want to be an easy target.
thanks for making this video much appreciated it has helped me removing the security risk and getting my head around this NAS system i have. i have to say i hate the fekn thing its way to complex and massively expensive for just storing files on as a replacement to two desktop hard drives mirrored by chronosync only upside i see is you can access it from anywhere.
Great video! Thanks so much for sharing! I have just one question regarding snapshots. If I create a snapshot schedule for my "HOMES" shared folder, will it include any folder inside that? If I have tons of folders and files there, would it be difficult to recover them if needed?
Sooo helpful thanks. Still running DSM 7.1 after the drama of 7.2 - so not everything matches up, but still great. Still debating on making the jump to 7.2 - but your other vid makes it sound more stable now.....
One important suggestion before restoring a snapshot. Make sure you identify the computer that got the ransomeware virus and disconnect it from the network or else after you restore the snapshot your company files will just get encrypted again!!! You will want to reimage the computer before connecting it back to the network. I battled many cryptolocker ransomeware and was able to restore with snapshots and was able to get customer back working in a couple hours. Was a true feeling of having a superpower!!!!
Good advice. Snapshots are great. I wish there were a solution that would allow more granularity for the /homes snapshot though. Snapshots work only at the shared folder level, so users can't self-admin restores for their particular /homes/username folder. Drive Client has previous versions, but still... I enjoy it when people don't bug me. :)
Hello Rex, great video. I have one problem with snapshot. Specialy with a homes folder. When I want to recover a snap shot the option Restore to this snapshot is greyed out and cant restore it. Why? All the others folders are fine. Thank you
Just a word on the NTLMv1 auth. It's not that it can be easily bruteforced, it's that it's a weak hash and is trivial to crack. It's also very trivial to "pass" the hash to the NAS or another target.
What about OS corruptions? I have encountered a situation that the OS of the synology was corrupted... The TA disabled the drive -- how does one recover from that? The drive was not even not available outside the fire wall...
If you open SSH, change the default port to something else, bots are scanning TCP/22 and will try to connect, trying brute forcing the login. By changing the default, you would decreasing this behaviour by far.
Thanks. I am also wondering about the best way to give access to a folder on the Internet so I can backup and access pictures remotely without giving additional access to my NAS.
If you have movies/Plex, would it be best to make a new Shared Folder, and not use Snapshots? I probably will not delete many files from it, but I'm guessing if I did, then it won't free up space until the end of the snapshot retention period (7 days currently which isn't too bad, but if it was 2 yrs then I wouldn't want that)
I just received my 923+ but was reluctant to even open it to due to its complexity. This video is proving to be hugely helpful and give confidence about this purchase! Question for you: my main purpose of getting Synology is to store/access my huge library of RAW + JPG image files as a photographer. The appeal of the NAS was also to access photos from anywhere in the world since I travel for work a lot. Currently I have 12TB's worth of photos on a G-DRIVE external HD which desperately needs to be backed up (and expand). I purchased 3x IronWolf Pro 12TB drives and I'm not sure if I should set it up as SHR or RAID 5? I bought the 3rd drive with the intention of doing RAID 5 however seeing SHR as an option I could return the 3rd drive to save some money as I likely will be ok with 24TB for now. Once the NAS is all setup I plan to backup everything onto Backblaze and/or those old HDD's. All that being said, in my case what do you recommend?
Under the hood, SHR utilizes RAID technology. The benefit is the ability to later on expand the array without having to completely delete it. No reason to not use SHR over RAID as SHR is a lot more user friendly.
Spacerex, I've used GRC's Shields Up to check open ports. Do you have any thoughts on them? Also curious, when checking for open ports does is it per computer or router?
Thanks for the video. Your channel convinced me to switch to Synology from QNAP. One question - is having rsync (port 22) open for off-site backup a concern?
Time machine requires AFP to be on. If you turn that off, you will get "The selected network backup disk does not support the required capabilities. Please be sure Time Machine capabilities are enabled on the server for this volume or choose a different network backup volume.". Thanks for the tips.
So this can be a glitch. You can use SMB with time machine and should! You want to just make sure you have a few SMB settings enabled, I have a video on it
hello, thanks for the video. I have a question: I have 4 disk total space 8TB with RAID 10 as volume1. and I have 1 disk 8TB as volume2. all my shared folder in volume1. and I want to use that snapshot replication to take all my files in volume1 and save them in volume2. is that possible ? I mean snapshot can use my volume2 for data store ?
Remote Desktop can be used as long you don’t use the default port and setup secure connections only i picked a port on my router that’s drcure to use plus i have software to block RDP connections unless they go through that port and not on that ban list and drop list
Thank you very much for this, it has been most informative and helpful. I wonder if I could ask a question about snapshots though, my nas is approximately 15TB in size, with around 10TB of files on there at any time. If I install snapshots and get hit by a ransomware attack that encrypts all 10TB of files, how would the snapshot be able to cope as each of the 10tb of files would be locked, but there isn't enough space for it to keep the older version of the file as they are rewritten/encrypted? I know you mentioned that this is complex and hard for some people to get their heads around (I guess I am one of those people) - but would snapshots save me in this instance?
As the ransomware would be encrypting each file, the file system stores the delta between the original and the new version. In your scenario, when the drive reaches 100% (consisting of your original data + a full new version of each file, generated by the ransomware) - there won't be any space left, so the malware won't be able to 'save' the file (in its encrypted form) because the disk will be full which stops the change to the file.
What is the "normal" speed to transfer files to USB drive backup using Hyperbackup? I'm getting transfer rate of 100kbps sometimes. Not even 1mbps. This during the day when I' using. But is not fast either when the Nas is not in use.
I will do a pretty non aggressive snapshot policy of 1x per week, and keeping 4x weekly versions of the hyperbackup folder, assuming there is space. This would allow the main NAS to be completely hacked, and delete its own backup, but still be able to recover from it
Because malware is interacting on the file system level, but the snapshots are actually a level lower than that, so malware cannot directly interact with them
This is a simply way to stop all ransomware new or old. Just won't let it to run. You can use a library/folder based whitelist that has all authorized programs/scripts can be run safely. This whitelist can only be modified in safe mode. So, hackers or disgruntled employee can't run any unauthorized programs/scripts.
How might regular snapshots and immutable snapshots affect the amount of data being backed up to a remote service such as Backblaze? I want to setup a remote backup service, but I am unsure about what should be remotely backed up, how to designate only those important files/folders, and how to estimate the total size (and thereby cost) of my backup.
The inconvenient that I see with Snapshot Replication it not have folder excluding. For example, I have a shared folder that I want to replicate, but one of the folders inside that shared folder contains a LOT of videos, with a total of 9TB inside that shared folder and I don't want to replicate all of that. The only way I know is to make a new directories hierarchy. Is there any other solution?
So the way snapshots work is they are file unaware, they actually send the underlying volume over, rather than files (it’s what makes them so fast and safe) Otherwise you could use something like Synology drive share sync.
It's great but not truly immutable if anyone who can log in is able to turn it off and wait a few weeks before encrypting the data. The key is making it impossible to disable immutability remotely and having a physical button on the NAS that must be pressed before immutability can be disabled or altered in any way. It could then allow a window of 5 or 10 minutes before the settings are locked again. I currently have something like this on a much more expensive enterprise system that requires myself and someone else (2 people) to provide support with a secret pin via a zoom call before the lock-down mode is disabled, allowing me to make changes to immutability settings. Any system can be compromised, requiring some sort of physical access to make changes is the key to protection against ransomware.
Hi, nice basic tutorial! For the part on port-forwarding: You could have added information about implemented VPN or e.g. Tailscale VPN (available in Synology packages) and Firewall rules that allow all ports via these services and blocking all others, so that there is no need to open any more ports than for the VPN service (in case of Synology implemented VPN used), or allow Tailscale subnet (in case of Tailscale service used). Nonetheless. Thank You! :)
Why is under Protection > Autoblock your 'enable block expiration' off? If for some reason you fail after 10 attempts, can't you lock yourself out of your Synology?
You cannot, as there is no way for a computer to tell an encrypted file from any other binary file. It would mean that you could not save things like zip files as the NAS may think those were encrypted.
You've got a good basic security tutorial here that I think could be expanded and split into a separate video. Then you could spend more time in this video that focuses on just the snapshot and replication stuff.
I did not watch the entire video start to finish, but I believe you missed an initial requirement for LUN configuration that it has to be Thin Provision.
@@SpaceRexWill I can't remembered what it called but my customer got their Synology NAS totally wipe out during the ransomware attacked in Q1 this year. They did have snapshots configured but no use. All theirs data is gone. If they have backup an off-site copy that would be much easier to restore, too bad they don't have.
assume the ransomware is being used for extortion in a circumstance…. does disabling the authenticate certificate allow the party to lie when being audited to taxpayers?
If you enable MFA and stream DS Video to your smart TV you are practically scr*wed since your TV cannot resolve that MFA request. Dumb desicion from Synology.
Nah man, that "rambling" has provided me small details I have looked for and not found else where. I am happy the way he does it, many times I have been trying to figure out 1 setting and he has hit on it, when no one else has.
I had 1 Synology NAS for about 8 years and I've had my upgraded one for about 3 years. I'm that guy who knows enough to get things working, but likely just barely, and with several (unknown to me) security holes.
In the past week I've decided to dig in, learn more, and harden the security and functionality of my system. I've mostly done this with the help of your fantastic videos. You are a great teacher. Thank you sincerely!
Cheers
Thanks so much!
Timely! I'm in the process of replacing a client's aging QNAP NAS with a Synology model. (I have a lot more experience with QNAP, but went with Synology this time because I'm uncomfortable with how many times QNAP has been successfully targeted by ransomware criminals in the past few years and not impressed with the alacrity of their responses nor with how seriously they took each incident. Taking a pass on QNAP for awhile.) Your videos have been a great help to me, but this one is a real treasure trove! I'm implementing each and every thing you recommended. You've earned yourself a new member, my friend!
Thank you so much man!
I bought my DS216+II in 2018. As a non-tech person, I was glad that I managed to set things up and used my NAS as a backup using Synology Drive. However, I really did not know what I was doing. All those years, I did not have the NAS security set up properly as you explain here. Thank you for your video. It's really helpful.
Subbed! I love that concerned face of him while explaining stuff thoroughly and with good quality.
Man love your videos. I also love the fact your giving your insights and thoughts on things. It really helps put things to perspective. Thanks dude.
Good job on this video. Common sense approaches anyone can take to secure their files. Synology is king for not putting any of these features behind a paywall. Lets give them praise!
Thank you, great tutorial. I am setup pretty much exactly as you described and I thought I knew my stuff, however I still learned a couple things from you!
wow - your explanation of snapshots was AMAZING! thanks!
As usual, great video!
Thank you for this very important tutorial! I have set my hyperbackup external device to be ejected after the backup. Just to make sure that there is no access in case of an attack. I also unplug it.
I always wanted to suggest to zoom your screencasts to maximize the window you are showing.
Great stuff again Will, I just saw it to check if I'm still ok with my settings, because I follow everything from you. It was fine, learned a lot from you, thanks for that, your a great teacher.
Love the info! Snapshots saved me once when I accidentally overwrote some files. I was easily able to back and retrieve them. Snapshots is one of the coolest features ever.
yeah! Snapshots are game changers! They absolutely can easily save you
Great info, you convinced me to use snapshots even though my NAS backs up my file server, i see the advantages of using snapshots. Too bad syno doesn't describe the use more in depth in their Package Center or more people would be using this tool
I actually wish that snapshots would be a default install pop up like drive is now. But they are a bit complicate to setup at first
In our firm, see a lot of our clients that have been hit with ransomware. One of the key areas the cybercriminals target is the backups. So it's vital to protect the backup as well, and snapshots are the bomb for this.
I run one NAS with snapshots and MFA required for all access, and all those protection settings, plus it is not available to internet. Then I have an occasionally connected NAS that backs up the primary. Yep. I'm paranoid. It's not a matter of being a "high priority" target for hackers. They run scripts to automatically hunt for "easy targets." You really, really don't want to be an easy target.
Excellent video. Super-impressed you commented on SMB1!
Really practical tips, especially for new users of NAS🎉🎉🎉
Reassuring to know it’s all “common sense” stuff and I’m well protected. Enjoyed the video, thanks for sharing.
I've learned so much from your videos. Thank you for the hours of work!
Fantastic job Will!! This was a well explained yet clear explanation! Salute from Italy
Great info Rex, really appreciate it !!
Glad it was helpful!
thanks for making this video much appreciated it has helped me removing the security risk and getting my head around this NAS system i have. i have to say i hate the fekn thing its way to complex and massively expensive for just storing files on as a replacement to two desktop hard drives mirrored by chronosync only upside i see is you can access it from anywhere.
Great segment! Thanks for the perspective for different types of users.
Thank you so much for this video, that was a lot of great information!
Bravo! Great presentation. This is very helpful.
Great video! Thanks so much for sharing! I have just one question regarding snapshots. If I create a snapshot schedule for my "HOMES" shared folder, will it include any folder inside that? If I have tons of folders and files there, would it be difficult to recover them if needed?
I really learn a lot from you and your channel. Thank you so much for your videos!!
Great advice, Thanks. What would be really useful is a tutorial on how to migrate from ext4 to BTRFS
Sooo helpful thanks. Still running DSM 7.1 after the drama of 7.2 - so not everything matches up, but still great. Still debating on making the jump to 7.2 - but your other vid makes it sound more stable now.....
I'm late to this video but the information was incredibly useful and I'm glad to have stumbled upon it.
Love it thank you from a new Synology owner. I hope windows will some day support BTRFS file system as a default option.
Picked up a couple good ideas here. Thank you!
One important suggestion before restoring a snapshot. Make sure you identify the computer that got the ransomeware virus and disconnect it from the network or else after you restore the snapshot your company files will just get encrypted again!!! You will want to reimage the computer before connecting it back to the network. I battled many cryptolocker ransomeware and was able to restore with snapshots and was able to get customer back working in a couple hours. Was a true feeling of having a superpower!!!!
Crazy good video!!
Really great video! Thanks!
Thank you for your series 😇
Your videos are very informative. Thank you.
Thank you for making this video, this is exactly what I needed
Great presentation. Thank you.
Much appreciated guide. Really helpful.
Great video!
Can you please make a video about upgrading/replacing HDD Drives on two bay Synonoly NAS system with out loosing data? Thanks!!!
Excellent, thanks.
Thank you
Good advice. Snapshots are great. I wish there were a solution that would allow more granularity for the /homes snapshot though. Snapshots work only at the shared folder level, so users can't self-admin restores for their particular /homes/username folder. Drive Client has previous versions, but still... I enjoy it when people don't bug me. :)
Hello Rex, great video. I have one problem with snapshot. Specialy with a homes folder. When I want to recover a snap shot the option Restore to this snapshot is greyed out and cant restore it. Why? All the others folders are fine. Thank you
thanks, great video , thanks from Brazil
Just a word on the NTLMv1 auth. It's not that it can be easily bruteforced, it's that it's a weak hash and is trivial to crack. It's also very trivial to "pass" the hash to the NAS or another target.
What about OS corruptions?
I have encountered a situation that the OS of the synology was corrupted... The TA disabled the drive -- how does one recover from that? The drive was not even not available outside the fire wall...
Great Video again Rex. Didn't know about Upnp, which was on . Now off
If you open SSH, change the default port to something else, bots are scanning TCP/22 and will try to connect, trying brute forcing the login. By changing the default, you would decreasing this behaviour by far.
thank you so much for this video, Soooooooooo Helpful WOW!
Thanks. I am also wondering about the best way to give access to a folder on the Internet so I can backup and access pictures remotely without giving additional access to my NAS.
If you have movies/Plex, would it be best to make a new Shared Folder, and not use Snapshots? I probably will not delete many files from it, but I'm guessing if I did, then it won't free up space until the end of the snapshot retention period (7 days currently which isn't too bad, but if it was 2 yrs then I wouldn't want that)
I just received my 923+ but was reluctant to even open it to due to its complexity. This video is proving to be hugely helpful and give confidence about this purchase! Question for you: my main purpose of getting Synology is to store/access my huge library of RAW + JPG image files as a photographer. The appeal of the NAS was also to access photos from anywhere in the world since I travel for work a lot. Currently I have 12TB's worth of photos on a G-DRIVE external HD which desperately needs to be backed up (and expand). I purchased 3x IronWolf Pro 12TB drives and I'm not sure if I should set it up as SHR or RAID 5? I bought the 3rd drive with the intention of doing RAID 5 however seeing SHR as an option I could return the 3rd drive to save some money as I likely will be ok with 24TB for now. Once the NAS is all setup I plan to backup everything onto Backblaze and/or those old HDD's. All that being said, in my case what do you recommend?
Under the hood, SHR utilizes RAID technology. The benefit is the ability to later on expand the array without having to completely delete it. No reason to not use SHR over RAID as SHR is a lot more user friendly.
Spacerex, I've used GRC's Shields Up to check open ports. Do you have any thoughts on them? Also curious, when checking for open ports does is it per computer or router?
Thanks for the video. Your channel convinced me to switch to Synology from QNAP. One question - is having rsync (port 22) open for off-site backup a concern?
Big thanks mate
Time machine requires AFP to be on. If you turn that off, you will get "The selected network backup disk does not support the required capabilities. Please be sure Time Machine capabilities are enabled on the server for this volume or choose a different network backup volume.". Thanks for the tips.
So this can be a glitch. You can use SMB with time machine and should! You want to just make sure you have a few SMB settings enabled, I have a video on it
Thanks. Let me go try that@@SpaceRexWill
Yup worked. Ty! @goat ... deets in video "How to Backup MacOS to Synology NAS using Time Machine"
So I just ordered a DS223j. Looks like it is Btrfs based on specs?
hello, thanks for the video. I have a question: I have 4 disk total space 8TB with RAID 10 as volume1. and I have 1 disk 8TB as volume2. all my shared folder in volume1. and I want to use that snapshot replication to take all my files in volume1 and save them in volume2. is that possible ? I mean snapshot can use my volume2 for data store ?
Remote Desktop can be used as long you don’t use the default port and setup secure connections only i picked a port on my router that’s drcure to use plus i have software to block RDP connections unless they go through that port and not on that ban list and drop list
thank u. 🤟🏼
Thank you very much for this, it has been most informative and helpful. I wonder if I could ask a question about snapshots though, my nas is approximately 15TB in size, with around 10TB of files on there at any time. If I install snapshots and get hit by a ransomware attack that encrypts all 10TB of files, how would the snapshot be able to cope as each of the 10tb of files would be locked, but there isn't enough space for it to keep the older version of the file as they are rewritten/encrypted? I know you mentioned that this is complex and hard for some people to get their heads around (I guess I am one of those people) - but would snapshots save me in this instance?
As the ransomware would be encrypting each file, the file system stores the delta between the original and the new version. In your scenario, when the drive reaches 100% (consisting of your original data + a full new version of each file, generated by the ransomware) - there won't be any space left, so the malware won't be able to 'save' the file (in its encrypted form) because the disk will be full which stops the change to the file.
Can you please make an video from active insight Ransomware Protection.
So, transferring to a PC running FreeBSD - I should use ZFS and practice good snapshot hygiene?
What is the "normal" speed to transfer files to USB drive backup using Hyperbackup? I'm getting transfer rate of 100kbps sometimes.
Not even 1mbps.
This during the day when I' using. But is not fast either when the Nas is not in use.
Thanks for your helpful videos! Does it make sense to use snapshots on my off- site hyper backup NAS?
I will do a pretty non aggressive snapshot policy of 1x per week, and keeping 4x weekly versions of the hyperbackup folder, assuming there is space.
This would allow the main NAS to be completely hacked, and delete its own backup, but still be able to recover from it
@@SpaceRexWill thanks Will!
I can't find MFA on DSM 6?
I have a question about the snapshot mechanism.
How is it possible that the malware damages other files but not the snapshots themselves?
Because malware is interacting on the file system level, but the snapshots are actually a level lower than that, so malware cannot directly interact with them
@@SpaceRexWill Does it mean the snapshot cannot be stored in the same volume? Or is the same volume but somewhere else outside shared folders?
if i mapped a drive/folder from my synology on my windows would that give a hacker or exe program easier access?
This is a simply way to stop all ransomware new or old. Just won't let it to run. You can use a library/folder based whitelist that has all authorized programs/scripts can be run safely. This whitelist can only be modified in safe mode. So, hackers or disgruntled employee can't run any unauthorized programs/scripts.
How about port forwarding for Plex? I that safe?
How might regular snapshots and immutable snapshots affect the amount of data being backed up to a remote service such as Backblaze? I want to setup a remote backup service, but I am unsure about what should be remotely backed up, how to designate only those important files/folders, and how to estimate the total size (and thereby cost) of my backup.
They will have no effect on the remote backup. Cloud sync and hyperbackup do not backup snapshots, only the active file system
The inconvenient that I see with Snapshot Replication it not have folder excluding. For example, I have a shared folder that I want to replicate, but one of the folders inside that shared folder contains a LOT of videos, with a total of 9TB inside that shared folder and I don't want to replicate all of that. The only way I know is to make a new directories hierarchy.
Is there any other solution?
So the way snapshots work is they are file unaware, they actually send the underlying volume over, rather than files (it’s what makes them so fast and safe)
Otherwise you could use something like Synology drive share sync.
It's great but not truly immutable if anyone who can log in is able to turn it off and wait a few weeks before encrypting the data. The key is making it impossible to disable immutability remotely and having a physical button on the NAS that must be pressed before immutability can be disabled or altered in any way. It could then allow a window of 5 or 10 minutes before the settings are locked again. I currently have something like this on a much more expensive enterprise system that requires myself and someone else (2 people) to provide support with a secret pin via a zoom call before the lock-down mode is disabled, allowing me to make changes to immutability settings. Any system can be compromised, requiring some sort of physical access to make changes is the key to protection against ransomware.
Hi, nice basic tutorial! For the part on port-forwarding: You could have added information about implemented VPN or e.g. Tailscale VPN (available in Synology packages) and Firewall rules that allow all ports via these services and blocking all others, so that there is no need to open any more ports than for the VPN service (in case of Synology implemented VPN used), or allow Tailscale subnet (in case of Tailscale service used). Nonetheless. Thank You! :)
Why is under Protection > Autoblock your 'enable block expiration' off? If for some reason you fail after 10 attempts, can't you lock yourself out of your Synology?
But you can always just go from a different IP address
Is it possible to setup a user account such that the administrator account(s) cannot see the user’s files in the user account’s home folder?
There is not.
Can't they build an OS that prevents encryption of a file unless the admin password is provided?
You cannot, as there is no way for a computer to tell an encrypted file from any other binary file.
It would mean that you could not save things like zip files as the NAS may think those were encrypted.
Hi Nas delete file how to recover pls video upload it.
i have express vpn, and i have it connected to my nas, is that safe?
You've got a good basic security tutorial here that I think could be expanded and split into a separate video. Then you could spend more time in this video that focuses on just the snapshot and replication stuff.
Immutable snapshots aren’t available on all NAS’s.
I did not watch the entire video start to finish, but I believe you missed an initial requirement for LUN configuration that it has to be Thin Provision.
I love your videos, But your personality doesn't match mine. But i always try and come back. Hopefully, this helps your algorithm.
New ransomware now will totally wipe out your Synology NAS. So even if you have snapshots there is no use.
What new ransomware are you talking about?
@@SpaceRexWill I can't remembered what it called but my customer got their Synology NAS totally wipe out during the ransomware attacked in Q1 this year. They did have snapshots configured but no use. All theirs data is gone. If they have backup an off-site copy that would be much easier to restore, too bad they don't have.
just dont buy qnap and you will be safe for 50%
assume the ransomware is being used for extortion in a circumstance…. does disabling the authenticate certificate allow the party to lie when being audited to taxpayers?
love your videos… love accountability more?
who else is gonna pay for the hardware?
If you enable MFA and stream DS Video to your smart TV you are practically scr*wed since your TV cannot resolve that MFA request. Dumb desicion from Synology.
I enjoy your videos but please don’t ramble so much. Please deal more with just you topic. Thanks and keep up the good work.
He's providing professional technical advise for FREE and you're complaining? Wow, just wow.
I've watched since day one and prefer the longer form. He's a joy to listen to. Horses for courses, young padawan.
Nah man, that "rambling" has provided me small details I have looked for and not found else where. I am happy the way he does it, many times I have been trying to figure out 1 setting and he has hit on it, when no one else has.
Will, don't change a thing! Your videos are incredibly useful to me and very well done.
bruh are you high he's doing great job and totally free!!
In 2024, why don't you just sync all your files with OneDrive or Dropbox ? That is a real question.
Disliked because you rambled so long at the start and it was clearly to inflate your watch time, which is pathetic.