NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Failed logins to my QNAP NAS from my Netgear BE9200
With Armour enabled I am seeing numerous failed login attempts reported by all of my QNAP NAS devices The problem is bad enough that my QNAPs are blocking the source IP of my router, which is the...
The QNAPs are reporting failed SSH login attempts with several user names like oracle, root, admin, operator, and the source IP of the router.
The issues stop when I disable Netgear Armor
I opened a ticket with Netgear and they would not confirm or deny that Armor intentionally, by design, exhibits this behavior.
I am running the latest firmware for the BE9200 device.
It seems clear to me that either the Armor software itself is attempting these logins or there is a backdoor that 'bad actors' are using.
I find it very odd that the vendor cannot answer the question "Does Armor do this by design?"
The QNAPs are reporting failed SSH login attempts with several user names like oracle, root, admin, operator, and the source IP of the router.
Just guessing, but I am thinking the vulnerability scan built into Armor is attempting those logins. Then the QNAP protection methods kick in.
I think you can remove the QNAPs from the device scan list. Then try a test by enabling ssh again.
Though I don't use Armor myself, so I might be wrong on that.
FYI, you can also report this to BitDefender (who provide the technology to Netgear). Go to https://www.bitdefender.com/consumer/support/help/ and select "How To..." and then "Troubleshooting". You'll be able to select "NETGEAR Armor powered by BitDefender" and then enter a support request.