Securing your home NAS box

I recently built a NAS box to backup personal documents and media streaming, based on headless Ubuntu install and the excellent HP NL54 ProLiant Micro Server. There are tons of helpful material out there on setting up the server and support/discussion threads like this and this, so there isn’t much to add to the set-up process.

Strangely enough, most setup articles I came across ignored steps needed to secure the box, perhaps because unlike me, most people access their NAS boxes locally? Whatever the reasons, it doesn’t take much to secure your box from unwelcome guests and the minimum that you should do is:

  1. Disable root access to the box
  2. Add a new new user (and only user ideally) representing you only with administrative privileges and
  3. Secure remote login to your box over SSH

Personally for me, that’s good enough. Optionally, you can enable a firewall and take actions to prevent brute force access attempts on your box, the former maybe even less so important since it’s likely that your NAS box is already behind a home router that’s running a firewall with it’s own DDoS protection.

For the basic steps and advanced options, have a look at this excellent write-up. The comments thread is also worth reading too.

One thought on “Securing your home NAS box

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s