NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
ReadyNAS Vault using rsync??
I was just checking one of the shares (our main one) on the NV+ we have in the office, and apparently there was a rsync enabled to 64.64.131.102, which I do not think was set by me. (The only admin in...
I was assuming that the rsync to 64.64.131.102 was a frontview backup job. Is it something else? For instance something you are seeing running via ssh?
Maybe this is obvious, but I think I'd
(a) turn off the scheduling of the backup job for now, and disable rsync on the share if you aren't using that.
(b) change the admin password for the NAS (and the root password if you use SSH).
(c) check the logs and see if the backups are actually working
(d) contact vault support directly
(e) contact onlinestoragesolution.com support. If you didn't authorize the backups, then someone is illegally using them to steal your data. If you have the login user name and destination path, it should be easy for them to track down who it is, and they should be able to see the data transfer from their own logs.
If the NAS is compromised/hacked then you should probably rebuild it (starting from a factory reset, and restoring data from backups). Re-configure the NAS manually, as you don't want to accidentally grab something in the OS partition that could reopen the vulnerability.
Maybe this is obvious, but I think I'd
(a) turn off the scheduling of the backup job for now, and disable rsync on the share if you aren't using that.
(b) change the admin password for the NAS (and the root password if you use SSH).
(c) check the logs and see if the backups are actually working
(d) contact vault support directly
(e) contact onlinestoragesolution.com support. If you didn't authorize the backups, then someone is illegally using them to steal your data. If you have the login user name and destination path, it should be easy for them to track down who it is, and they should be able to see the data transfer from their own logs.
If the NAS is compromised/hacked then you should probably rebuild it (starting from a factory reset, and restoring data from backups). Re-configure the NAS manually, as you don't want to accidentally grab something in the OS partition that could reopen the vulnerability.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
