Reply
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Security how on earth does it work
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2013-09-24
06:11 AM
2013-09-24
06:11 AM
Security how on earth does it work
System Netgear Readynas NV+ V2
I'm at a complete loss here.
I'm not unintelligent, but I simply cannot get the security on this box to work.
I have a single share.
I am running the following services: SMB, UPnP, FTP, HTTP, HTTPS
At present I have the admin account and a single user "ReadOnly" setup
Note - if I go into Users/Groups, I do not see the admin user listed, however I am able to connect to the box from windows using this account.
I have the Share configured as follows:
Only SMB is enabled.
In the Share Access I have ReadOnly ticked for Everyone (group), and nothing ticked for users, and ReadOnly - these inherit the Readonly property from Everyone.
Allow anonymous access is unticked.
Under protocol specific settings I have the Creation rights all set to ReadOnly
Unser Files and Folders I have Folder Owner and Group set to nobody, the Rights are all set to Readonly
Despite all of this, I can still connect to the box from windows without even presenting a username/pw and make any changes I like.
How is this resolvable?
I'm at a complete loss here.
I'm not unintelligent, but I simply cannot get the security on this box to work.
I have a single share.
I am running the following services: SMB, UPnP, FTP, HTTP, HTTPS
At present I have the admin account and a single user "ReadOnly" setup
Note - if I go into Users/Groups, I do not see the admin user listed, however I am able to connect to the box from windows using this account.
I have the Share configured as follows:
Only SMB is enabled.
In the Share Access I have ReadOnly ticked for Everyone (group), and nothing ticked for users, and ReadOnly - these inherit the Readonly property from Everyone.
Allow anonymous access is unticked.
Under protocol specific settings I have the Creation rights all set to ReadOnly
Unser Files and Folders I have Folder Owner and Group set to nobody, the Rights are all set to Readonly
Despite all of this, I can still connect to the box from windows without even presenting a username/pw and make any changes I like.
How is this resolvable?
Message 1 of 5
Labels:
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2013-09-24
06:54 AM
2013-09-24
06:54 AM
Re: Security how on earth does it work
Does the windows logon/password match up with any of the NAS accounts (including admin)???
What firmware are you running?
What firmware are you running?
Message 2 of 5
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2013-09-24
07:16 AM
2013-09-24
07:16 AM
Re: Security how on earth does it work
The windows account on the Pc that is able to access without any pw, has no pw - the username matches an account which WAS on the device, but has been deleted.
Message 3 of 5
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2013-09-24
07:17 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2013-09-24
11:21 AM
2013-09-24
11:21 AM
Re: Security how on earth does it work
By default, Windows will present the windows logon/password to the NAS.
Tangoman wrote: The windows account on the Pc that is able to access without any pw, has no pw - the username matches an account which WAS on the device, but has been deleted.
This behavior can be modified in the Windows Credential's Manager (in control panel). So the next step is to look there, and see if there is an entry that specifies credentials for the NAS.
Message 5 of 5