How secure is ADS NAS kit?

TheMSsForum.com: The Microsoft Software Forum

Hi,
I recently purchased a Network-Attached Storage HD enclosure by ADS Tech,
but I am not sure how secure/hackerproof it is. (Assuming, of course, that
it has been correctly configured though it's web interface, all user
accounts have difficult passwords, access rights to specific folders have
been specified, etc., you know, the obvious has been taken care of). I want
to put some data on it that could be shared with some of my friends/family
over internet, as well as business files, which I don't want anybody to even
have a chance to get access to (besides myself).

The NAS kit interfaces through NetBios in Win workgroup environment, for
outside access it has FTP and HTTP. One thing I don't like about the FTP is
that any user who has any kind of FTP access can see all shared folders,
even those that he has no access to (when such folder is clicked, the
"Access denied" box opens). Would be much better in my opinion if a "root
folder" per used could be specified.

Does anybody know how safe it is to put shared data alongside with private
data on that thing?

Somebody might ask: Why would I want to put confidential data on it? Because
of the versatility -- I can access it from any computer, it does not require
any specific computer to be turned on (like in case with USB/FireWire
drives). I can access it from outside through Internet, or take it with me
if necessary.

Thanks in advance!
Top

Re: How secure is ADS NAS kit? by S

S
Sat Aug 06 09:11:50 CDT 2005

Depend's on what the product is built on. Common operating systems like
Windows and NetWare have robust and reliable network access control.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

"J.Smith" <none@none.com> wrote in message
news:r4XHe.1092$fJ1.275@newssvr13.news.prodigy.com...
> Hi,
> I recently purchased a Network-Attached Storage HD enclosure by ADS Tech,
> but I am not sure how secure/hackerproof it is. (Assuming, of course, that
> it has been correctly configured though it's web interface, all user
> accounts have difficult passwords, access rights to specific folders have
> been specified, etc., you know, the obvious has been taken care of). I
want
> to put some data on it that could be shared with some of my friends/family
> over internet, as well as business files, which I don't want anybody to
even
> have a chance to get access to (besides myself).
>
> The NAS kit interfaces through NetBios in Win workgroup environment, for
> outside access it has FTP and HTTP. One thing I don't like about the FTP
is
> that any user who has any kind of FTP access can see all shared folders,
> even those that he has no access to (when such folder is clicked, the
> "Access denied" box opens). Would be much better in my opinion if a "root
> folder" per used could be specified.
>
> Does anybody know how safe it is to put shared data alongside with private
> data on that thing?
>
> Somebody might ask: Why would I want to put confidential data on it?
Because
> of the versatility -- I can access it from any computer, it does not
require
> any specific computer to be turned on (like in case with USB/FireWire
> drives). I can access it from outside through Internet, or take it with me
> if necessary.
>
> Thanks in advance!
>
>


Top

Re: How secure is ADS NAS kit? by J

J
Mon Aug 08 02:52:04 CDT 2005


> Depend's on what the product is built on. Common operating systems like
> Windows and NetWare have robust and reliable network access control.

Thanks, but that's exactly what I want to find out -- How robust is the
technology this kit is built on. Since it is a network appliance, it has its
own embedded operating system, HTTP and FTP servers. It does not need any
computer to function. If I open up it's FTP server, for example (by port
forwarding on my router), I would like to make sure it has no "back-door"
access by some undocomented FTP commands or by some other features, that's
all.




Top

Re: How secure is ADS NAS kit? by S

S
Wed Aug 10 05:26:46 CDT 2005

That I couldn't say without looking at the kit. If undocumented features are
of a concern - stay away from el-cheapo an use Windows- or Linux-based
storage. Open systems, you know...

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

"J.Smith" <none@none.com> wrote in message
news:EaEJe.435$dk5.390@newssvr21.news.prodigy.com...
>
> > Depend's on what the product is built on. Common operating systems like
> > Windows and NetWare have robust and reliable network access control.
>
> Thanks, but that's exactly what I want to find out -- How robust is the
> technology this kit is built on. Since it is a network appliance, it has
its
> own embedded operating system, HTTP and FTP servers. It does not need any
> computer to function. If I open up it's FTP server, for example (by port
> forwarding on my router), I would like to make sure it has no "back-door"
> access by some undocomented FTP commands or by some other features, that's
> all.
>
>
>
>


Top