NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
RN102 v6.1.8 - cant access SSH
Hello folks, I have a RN 102, now upgraded to 6.1.8. I used to access it via SSH and rsync files from another RN102 to it. Suddenly I cannot access it via SSH anymore. Web interface is ok. I ...
Good to know, but I won't need to do it.
My config is a cp command away and contains only a few things like perf improvement and modified headers to secure a little bit more. Having a Cisco device with protocol inspection activated, IPS activated, then going to an UTM that provides a captive portal and then connects to my NAS, acting as a middle man, while using snort, and then having iptables on my NAS. I think I'm pretty safe without fake headers anyway ;)
As I said, I tend to avoid problems, modifying apache is not hard and with a backup of the original config, any problem is solved within seconds and can't ever impact any other service. I don't want to mess up an SQLite database that I'm not sure about what it does in the NAS grand scheme of existence to save myself the trouble of a command once every 1-2 months...
I could also make settings persistent with a cron job using cat & grep to see if I can find a personalized comment, if not copy the file.
But as said before, I dislike to mess things up on a NAS, the only thing I did was to enhance security a little bit.
But now with a serious firewall I feel way more comfortable knowing that only HTTPS connections can go through my firewall (HTTP on the same port won't pass, neither will SSH...) and that I have two IPS guarding angels. Not bullet proof but quite reasonable for non-enterprise data.
That said, fail2ban & iptables should be integrated directly in the NAS interface (as an option) as they don't use too much ressources even for the 104, are free and provide decent protection (combined with mail alerts). I would have liked snort with limited rules to what's running but the 104 will take a performance hit with that.
My config is a cp command away and contains only a few things like perf improvement and modified headers to secure a little bit more. Having a Cisco device with protocol inspection activated, IPS activated, then going to an UTM that provides a captive portal and then connects to my NAS, acting as a middle man, while using snort, and then having iptables on my NAS. I think I'm pretty safe without fake headers anyway ;)
As I said, I tend to avoid problems, modifying apache is not hard and with a backup of the original config, any problem is solved within seconds and can't ever impact any other service. I don't want to mess up an SQLite database that I'm not sure about what it does in the NAS grand scheme of existence to save myself the trouble of a command once every 1-2 months...
I could also make settings persistent with a cron job using cat & grep to see if I can find a personalized comment, if not copy the file.
But as said before, I dislike to mess things up on a NAS, the only thing I did was to enhance security a little bit.
But now with a serious firewall I feel way more comfortable knowing that only HTTPS connections can go through my firewall (HTTP on the same port won't pass, neither will SSH...) and that I have two IPS guarding angels. Not bullet proof but quite reasonable for non-enterprise data.
That said, fail2ban & iptables should be integrated directly in the NAS interface (as an option) as they don't use too much ressources even for the 104, are free and provide decent protection (combined with mail alerts). I would have liked snort with limited rules to what's running but the 104 will take a performance hit with that.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
