wow , I 've be a round for some time, this community is active

[G+_K Branch jr]

wow , I've be a round for some time, this community is active,

 

Network device question, I have a old Netgear stora ( i am going to up date to Synology ) for now can I us it or is it vulnerability? Where do I check for old devices that may be owned or exploited

P.S. how can I scan it for a virus or exploited

[G+_Scott Dible]

Do you just plan on using it on the LAN? If so, it should be fine. If you are opening it up to the WAN, you should be more cautious. What model is it?

[G+_K Branch jr]

yea, I am , but can i access remotely or VPN ( new to networking )

[G+_Scott Dible]

Kenneth Branch jr That's what I do. I gave up having all of my stuff connected, and instead use a VPN. I use OpenVPN Access Server for the ease of setup. It's limited to two users on the free version I think. You can also just use OpenVPN, but there is a little bit more configuration.

[G+_Ben Reese]

There are a couple excellent scripts for setting up OpenVPN on a Raspberry Pi or any other Linux machine.

 

It's probably best to assume there are vulnerabilities in your Netgear NAS if it's not getting updates regularly. But with your use of internal network only (and VPN), I think you're probably OK.

 

As for vulnerability scanning, I know there's enterprise software and I imagine there's something with Metasploit, but I don't know what. Vulnerablity scanning would be a excellent topic for a KH series - of the team wants to add one more to the list.

[G+_K Branch jr]

Ben Reese thanks .. I will do that , and check ppp

[G+_K Branch jr]

Check to see the last time is been updated , thanks again

[G+_K Branch jr]

Scott Dible thanks

[G+_winston xoom]

Just make sure that the NAS itself doesnt go outside of your LAN to the internet for "updates" or anything. VPN is good for the inbound but if the request comes from inside to outside bringing back something you dont want then the VPN is only partially a solution.

[G+_K Branch jr]

Sorry for getting back to you guy so late. I've been using my free time working on my truck and back taxes.

 

I'm going to move all my data over to openNAS and, set up a Linux server.

 

The old stora is going to the lab and segmented from my network. By the way, I wonder what we can do to it in the lab ??

[G+_winston xoom]

Segmenting your network is a good idea anyway. My NAS boxes are on their own VLAN and have explicitly defined INBOUND connections anything else gets logged and bounced. I give up some NAS remote access features but my remote access into the network is via VPN so its a little more complicated but in the end I feel its more secure.