Much appreciated Chris!
Thanks for jumping in fast, Christopher. As Iâve said before, we are REALLY lucky to have you as part of this community. I wouldnât be a Roon subscriber without the NAS capability you provide. So thank you. BTW, does the Synology interface have the same vulnerability?
If youâre a roon user who install roon on a Synology Diskstations, you are SAFE this time.
First feedback this morning: it seems to have closed the vulnerability.
They do perform further testing now before releasing it to their app center.
Hi,
I use the Roon App on a QNAP NAS, and I use Tidal with Roon. Both the Roon App and Tidal require access to the internet. I have seen advice not to expose the NAS to the outside world. However, I have not seen a good explanation as to how to accomplish thisâat least not advice useful to me (not being an IT expert). I would very much appreciate your help!
Thank you!
That means to have your NAS visible/accessible from the internet (port forwarding, remote management and so on) and itâs different than accessing the internet from the NAS (which itâs, for the most of it, ok). In both cases there are rules/settings that you need to implement and respect in order to maximize the security.
Thank you for your response. Can you point to these rules?
For ex., I have read advice to disable UPnP and to use port forwarding. However, I have also read advice to disable both UPnP and port forwarding. If both are disabled, how do Roon and Tidal work?
Thanks again!
Thanks so much for your reply! I have implemented those recommendations. However, Iâm still left with the questions I addressed to occasionallyhere.
UPnP and Port Forwarding arenât required for Roon Server and Tidal integration to work. From reading these forums, many QNAP owners (including me) have blocked remote Internet access to our devices without an issue.
You donât need UPnP and itâs the best practice to disable it.
Port forwarding is a âtechniqueâ used when you need to access your NAS (or any computer for that matter) from the internet. Itâs not needed for a regular (normal, in house, over the same network) use of Roon, Tidal or Qobuz.
Thank you both, Terry and occasionally here. Much appreciated! Iâll give it a try.
Just saw an article about ransomware being targeted for Roon users running on QNAP. Could not find nay current threads on this in the Roon Community. Can Roon support provide an update? I currently have disabled Roon on my QNAP NAS. Need an E.T.A. on when the zero day threat will be patched and remediated in Roon software.
Beware of eCh0raix Ransomware Attacks, QNAP Warns Customers â E Hacking News (rootdaemon.com)
As mentioned above, this isnât actually a Roon issue. Also above youâll see @crieke response that itâs hopefully been fixed and awaiting QNAP approval.
Sorry for looking stupid here (itâs a hobby of mine), How do I turn off internet access on my TS-253b, and will it still be able to update apps / firmware etc etc
Is this resolved yet?
It is a Roon issue. @crieke may be the lead author but Roon should be supporting him here. @support and @danny should be all over thisâŚ
I know this is a âcommunity developedâ platform integration but as someone very new to Roon, I find the lack of any kind of statement from the team to be an unwelcome surprise.
Itâs all been said. The issue has been corrected and is awaiting Qnapâs testing before releaseâŚ
Hi, While sorting out the recent QNAP security advisory on vulnerability in the Roon server, I took the QNAP NAS offline. Per the recommendations of occasionallyhere and Terry, I disabled UPnP on my router and NAS (where I also disabled Bonjour). I have never used port forwarding. The routerâs security assessment did not identify any issues, and QNAPâs Security Counselor found nothing of substance.
Despite these changes and the device security self-scan results, when I put the NAS back online, the hacking attempts resumed where they had left off.
I have implemented QNAPâs recommendations to reduce the probability of a successful hack. If there are further recommendations to avoid hacking attempts, I would very much appreciate learning of them.
Thank you!