Securing your home NAS box

I recently built a NAS box to back up personal documents and stream media, based on a headless Ubuntu install and the excellent HP NL54 ProLiant Micro Server. There is tons of helpful material out there on setting up the server, and support/discussion threads like this and this, so there isn’t much to add to the set-up process.

Strangely enough, most setup articles I came across ignored steps needed to secure the box, perhaps because unlike me, most people access their NAS boxes locally? Whatever the reasons, it doesn’t take much to secure your box from unwelcome guests and the minimum that you should do is:

  1. Disable root access to the box
  2. Add a new user (ideally the only user), representing you only, with administrative privileges and
  3. Secure remote login to your box over SSH

Personally, that’s good enough for me. Optionally, you can enable a firewall and take action to prevent brute-force access attempts on your box. The former may be even less important, since it’s likely that your NAS box is already behind a home router that’s running a firewall with its own DDoS protection.

For the basic steps and advanced options, have a look at this excellent write-up. The comments thread is also worth reading.
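A small audit for the three minimum steps listed above, as an added example that is not part of the original post or the linked write-up. The function names are hypothetical, and treating key-only login (`PasswordAuthentication no`) and an `AllowUsers` allow-list as what "secure remote login" and "only user" mean is an assumption.

```shell
#!/bin/sh
# Added example: audit the global section of an sshd_config-style file.
# sshd uses the FIRST value it reads for a keyword; keywords are
# case-insensitive. Match blocks and Include files are not evaluated.

# Print the global value of keyword $2 in file $1 (lowercased), or "unset".
sshd_value() {
    awk -v want="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
        $1 ~ /^#/              { next }   # comment line
        tolower($1) == "match" { exit }   # conditional section: stop here
        tolower($1) == want    { print tolower($2); found = 1; exit }
        END                    { if (!found) print "unset" }
    ' "$1"
}

# check FILE KEYWORD EXPECTED; EXPECTED "*" means "any value, but set".
check() {
    actual=$(sshd_value "$1" "$2")
    if [ "$actual" = "$3" ] || { [ "$3" = "*" ] && [ "$actual" != unset ]; }; then
        echo "PASS $2 = $actual"
    else
        echo "FAIL $2 = $actual (expected $3)"
        return 1
    fi
}

# Run all checks on file $1; the return status is the number of failures.
audit_sshd_config() {
    fails=0
    check "$1" PermitRootLogin no        || fails=$((fails + 1))  # step 1
    check "$1" AllowUsers "*"            || fails=$((fails + 1))  # step 2
    check "$1" PasswordAuthentication no || fails=$((fails + 1))  # assumption: key-only login
    return "$fails"
}

# Constructed sample config (not from a real host).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample
permitrootlogin yes
PasswordAuthentication no
PermitRootLogin no
Match Address 192.168.1.0/24
    AllowUsers alice
EOF
audit_sshd_config "$sample" || echo "$? check(s) failed"
```

On a real host, `sshd -T` prints the effective configuration, including any Include files, and is the authoritative source for these values.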

2000-2009. The Last 10 Years in Picture.

From the New York Times, a pictorial summary of the first decade of the 21st century. It was meant to be a new era; a new millennium and a fresh beginning; but it turned out to be a series of blunders and disasters. What will the next 10 years hold for us?

As one fellow redditor points out, “A tsunami that killed a quarter million people is next to guitar simulating video game. That sort of sums up the decade… catastrophic events and consumerism-fuelled apathy.”

Phillip Niemeyer | Picturing the Past 10 Years


Disconnecting Distractions

Paul Graham has an excellent article on factors that create distractions, especially the computer, as he points out:

TV is in decline now, but only because people have found even more addictive ways of wasting time. And what’s especially dangerous is that many happen at your computer. This is no accident. An ever larger percentage of office workers sit in front of computers connected to the Internet, and distractions always evolve toward the procrastinators.

The worst aspect of computer-based distractions, whether it’s just plain old browsing or checking the status of your friends on social networking websites, is that it’s become a seamless experience, because we can do it right in the middle of anything we were doing and it still doesn’t feel like it, as he explains:

Another reason it was hard to notice the danger of this new type of distraction was that social customs hadn’t yet caught up with it. If I’d spent a whole morning sitting on a sofa watching TV, I’d have noticed very quickly. That’s a known danger sign, like drinking alone. But using the Internet still looked and felt a lot like work.

One thing that Paul doesn’t take on directly is the effect of social networking and video sharing websites on encouraging procrastination. To me, they are the single biggest source of addiction for the masses hooked on to the web. What’s even more scary is that increasingly, social networking sites are becoming de facto start pages compared to search engines.

Oh, did I tell you I’m writing this because the mail/calendaring client at work, a universally recognized pathetic piece of $hit called Lotus Notes, just hung up, prompting me to discard what I was doing and, guess what? I got distracted enough to write a blog entry about it.

Am I Dreaming?

Just glancing through today’s Google News headline page reveals the following headlines:

China Withdraws from Tibet, with Apologies
Peace payments to Iraq a “phenomenal success”
Amnesty International reports massive drop in detainments
Gaza-West Bank divisions disappearing
Darfur peace process well underway
Music publishers: DRM has been unprofitable
Long-awaited spray-on solar coating now available
Big Three Unveil Emissions-Free Lineup
Sick of spam? New method stops it for good

Whew! That’s a lot of good news for a day. Can’t remember when was the last time I saw such a positive series of headlines.

There’s hope after all, maybe…

P.S. There’s even Rowling: “I have heaps more to write about Harry”.
I’m speechless!

What a Joke!

I usually have the Automatic Update services running on my home laptop, still running XP Pro by the way. From time to time, it pops up, asking me if I’d like to install security updates and program patches, and being the good user that I am, I accept what Microsoft deems best and just get along.

So when yesterday it asked me whether I wanted to install Windows Media Player 11, to upgrade the version 10 already installed, I didn’t really think much. After all, I don’t even use that piece of bloatware, there are way better solutions for watching media, VLC, and iTunes for music (I admit it may not be the best out there, but it’s convenient if you own an iPod), and I mean, an upgrade surely will be better, it will stop those patches coming in for Media Player 10, no?


Right after I agreed with the upgrade and a mammoth 25 megabyte download, (Why? Whatever happened to upgrading only the bits you need? Surely Microsoft hasn’t written the whole software from scratch? I guess Joel is right…) I get this:

WTF? Another 5 megabytes slapped on me, and only the almighty knows how many more patches to come! Whatever happened to shipping a new version of a product only when you are confident you can actually add value? What exactly is Media Player 11 adding that couldn’t have been delivered through patches in Media Player 10? It’s being patched regularly for security holes anyway, how about updating for features for a change?

Like the vast majority of users out there, I can’t count the number of times I’ve put faith in Microsoft software and got a very raw deal*. But the latest round of shenanigans has forced me to get typing away again. It’s just plain annoying.

P.S. Congratulations, Microsoft, thanks for providing an un-installation option at least, however, be sure to check the discussion at the bottom of the link for frustrated experiences of some users…