Can a 314 ReadyNAS get hacked?

Danthem wrote:

@Alexofindy, if you don't have any port forwarding towards your NAS - nobody can access the NAS from outside your network, and if they're inside your network I'd say that's quite a security hole you need to fix. If you're very worried about it, disable SSH on the device and then the only way someone can gain access to the OS of the NAS would be to have inside access to your network, figure out your web GUI admin password (which should be strong) and enable SSH.

I don't disagree with Danthem's comments, but want to add a couple points.

Most networks (including your home network) use a "soft center with hard edges" model for security. If someone can penetrate your home network, then they likely can get access to everything. So the first line of defense for the network is to maintain that edge security.

There are two basic ways an outsider can penetrate your edge w/o physical access to your home. One is wifi, the second is through your internet connection / router. So you want to enable wifi security (WPA) and use a good passphrase. 5 Ghz doesn't carry as far as 2.4 Ghz, so if your devices all support 5 Ghz, then you might turn your 2.4 Ghz WiFi off.

And you want to have a strong password on the router, especially if you enable remote administration. (if you don't actually need remote administration for the router, then don't enable it). Keeping router firmware up to date is also a good idea, since there are possibly security fixes being made there also.

Powerline networking is a bit like WiFi, in that the powerline network can carry beyond your home. There is encryption on the powerline link, and if you use that technology you should make sure you've set that up properly as well (since the powerline also is part of your "edge").

If you use ReadyCloud (really any cloud package or VPN) on the NAS, then that creates another path to get into the home network. So if you enable that service, then you also need strong passwords there, and keep in mind that you are essentially trusting Netgear's readycloud security, since it is part of your "edge".

So start with that stuff. Enabling ssh on the NAS within the home network doesn't really add much vulnerability to data loss, if a hacker penetrates your edge, they can also reach your data through your PCs. Personally I think the benefits of keeping ssh enabled outweigh the risks - when the gui fails, you have more options available to fix the problem. But of course it does add some risk.