- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
SuspiciouS Outbound Connection to Amazon EC2 servers
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have upgraded my NAS to 6.5.0-RC3.
Recently, I am noticing some suspecious connections to Amazon EC2 servers. I got this info from a tcpdump packetcap.
I am not using any kind of cloud services under the under the cloud tab nor are they enabled, and I dont have any apps installed on my NAS.
After some tinkering in the back end, I noticed that "readynasd" is the service that is initiating these connections:
root@NAS01:/proc# lsof -i
wget 14575 root 4u IPv4 342524 0t0 TCP NAS01:52391->ec2-52-9-25-12.us-west-1.compute.amazonaws.com:http (SYN_SENT)
root@NAS01:/proc# pstree
systemd─┬─2*[agetty]
├─apache2─┬─7*[apache2]
│ ├─4*[apache2───dbbroker.cgi]
│ └─2*[apache_log]
├─avahi-daemon───avahi-daemon
├─connmand
├─cron
├─dbus-daemon
├─fvbackup-q───2*[{fvbackup-q}]
├─mdadm
├─mdcsrepaird───{mdcsrepaird}
├─minissdpd
├─nmbd
├─raidard
├─readynasd─┬─sh───wget
│ └─14*[{readynasd}]
├─rsync
├─smbd─┬─cleanupd
│ ├─smbd
│ └─smbd-notifyd
├─sshd───sshd───bash───pstree
├─systemd-journal
├─systemd-logind
├─udevd───2*[udevd]
└─wsdd2
A ps faux also reveals that readynasd manifests DNS query and wget to Amazon servers.
My questions is what is the need of these connections, and why is that when I disable any cloud related services, they are still making outbound connections to Amazon services?
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The particular connection you mentioned is what determines whether you get a green "Internet Available" checkmark, or an "Offline" notation in the Cloud tab of the GUI.
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: SuspiciouS Outbound Connection to Amazon EC2 servers
Even with services disabled, ReadyNAS still needs to connect to the ReadyCLOUD discovery server as well as the firmware update server, and or gathering the list of apps.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The particular connection you mentioned is what determines whether you get a green "Internet Available" checkmark, or an "Offline" notation in the Cloud tab of the GUI.