DL2100 and security

My Cloud OS 3 Network Attached Storage My Cloud DL Series
#1
  1. There is no mention about encryption in the manual. There are only couple places where they have used a word encryption, but nothing else… It seems to be that the NAS is not encrypted by a default and you cannot do that unless you start from the beginning. However, im not willing to start over again, because I cant find any information about the encryption and how is it working really…

am i able to encrypt all files if i set NAS again from the start? Is it asking me about the encryption? When my laptop is connected to the NAS, are those files then en/decrypted during “drag and dropping” if the NAS is mapped?

  1. Or is it enought to use user accounts for the folders? Is it secure enough? im going to use the NAS for my work documents as well as for my personal things, so im abit worried about the security. if you dont know the password for the folder, can you still somehow get the files from the drive if they arent encrypted? I actually dont know how the security works with dL2100. When my laptop went broken i was able to get all my files from the harddrives just by using a dos based software… So what exactly the user account with a password does in the NAS? Are those files still readable or truely protected that you cannot copy them without knowing the username and a password?
#2

I may be wrong (again), but I think the encryption means you cannot do what you did with your laptop.  If the drive(s) are encrypted, you can not attach them to another machine and read them.

They are not encrypted between your pc and the NAS.  Having a password for the box itself and not making a share public is your protection.  Out Of The Box the NAS is VERY public/no security.  All shares are public.  If you plug a usb drive in with data, it will become a public share.

But if you go through the steps and just put your data in shares that are not set to public, assign users permissions, you should be fine.

So if the drive is not encrypted and you attached it to your laptop, it is going to be a *nix format.  A windows PC would not just simply read the data.  A *nix person probably could. (This paragraph is my best guess LOL)

Hopefully a *NIX expert will chime in :slight_smile:

#3

All folders i have in NAS are set as privates (turned off the public switch) and only specific users can access their own folders or shared folder (private but all users have access to this folder). So let say…

  1. I create a folder named “abc” under the tab “Shares”
  2. i turn off the “public switch” from the just created folder “abc”
  3. i give full access to the folder “abc” for the user “Eni” and all other users have no access to the folder.

a) Is it now secure? No one from internet cannot access to the folder “abc” without knowing the user name “Eni” and the password for that account?

b) How about if i take the drive out from the box and connect it straight to the computer? am i able to read data from the folder “abc” without the user name and the password?

c) so do i even need the encryption if all folders are set only for users, not as a public? (encryption makes it slower which i dont want)

#4

a) no one can get to your files from the Internet even if they know the username and password unless your box is not behind a router/firewall or you have set the box in the dmz of the router effectively placing it on the Internet. Try it.  Gio to the library and use one of their PC’s and try to get to your files at home/work.

b) I am pretty sure someone could read the files in another box if it was not encrypted.  Though I do not know how easy, or hard this would be.  I have not tried it.

c) How much slower is it?  How often do you actually drag large files back and forth?  Once they are there do they not just sit there?

#5

Gramps wrote:

a) no one can get to your files from the Internet even if they know the username and password unless your box is not behind a router/firewall or you have set the box in the dmz of the router effectively placing it on the Internet.  

b) I am pretty sure someone could read the files in another box if it was not encrypted.  Though I do not know how easy, or hard this would be.  I have not tried it.

 

Sorry being dumb, but there seems to something that need to be explained in plain english to me :smiley:

Internet — Modem(router) — NAS** (no encrypted)**

NAS has a folder “ABC” and only user who can access to that folder is Eni. I cant map the Enis folder to my laptop, because I dont know the password. I can only map my own folders. 

But if i take the drive out from the box, am I able to browse Enis folder and see those files or does my laptop shows me nonsense when trying to browse the drive? 

I just dont understand this: how the filesystem works in dl2100 and what username and password does for the folders. Are those folders protected or are they fully readable when the drive is attached to the computer. 

#6

I will have to pull a drive out and see.  What I don’t know if it can be read by a windows machine or if it would need raspberry PI :slight_smile:

But if it is not encrypted I am sure someone could read it.  Again, I am just not sure how easy or hard that would be.

If you take a hard drive out of a windows box and put it in another windows box you can take ownership and read everything if it is not encrypted.

But this is a linux box and I know very very little about Linux.

#7

FWIW I pulled a drive and put in in a USB dock.  Windows sorta saw partitions but said it needed to be formated.

I think I found the drive in my rapberry PI, but could not see any files.

This was just one drive out of 4 in a raid 10 from a DL 4100.  If you have JBOD,RAID 0 or 1 it may be different.

I can’t prove it myself, but I would think if the drive was not encrypted, someone could get the data.  NSA, CIA, FBI, etc.  Or maybe Tony or Myron…

1 Like
#8

Ok, thanks for trying =]

#9

http://www.wdc.com/wdproducts/library/AAG/ENG/4078-705153.pdf

The DL2100 uses Linux EXT4 file system which is not supported by Windows OS and is why you see paritions but cannot mount them. AES 256 volume encryption is used which means LUKS, something Windows doesn’t understand.

#10

An alternative is to use encryption software like TrueCrypt v7.1A. Tha is what I use. I do not encrypt an entire Volume (Hard drive) I just set up an encrypteed directory (Folder). TrueCrypt is “cross OS” Mac OS X, Windows, LINUX. I can access the encrypted directories from bot Mac and PC (Win). I haven’t yet tried it with LINUX (Ubuntu) OS. TrueCrypt is Open source - no charge. Therer are other commercial programs. One that works on both Mac (OS X and Windows) is EncryptStick and cost is very reasonable. TrueCrypt lets you encrypt entire volumes. EncryptStick (which I also use) I do not recall if that is possible. NOTE: there is internet trafficthat calls into question the security of TrueCrypt because further development was stopped and v7.2 is not recommended. However I have seen info based on a security audit th v7.1A is A-OK. NOTE; If you want to use TrueCrypt on OS X 10.10 (Yosemite) and OS X 10.11 El Capitan, there is a minr tweak in the install process that allows you to install it and it works A-OK on my machines.

Just Do an internet search on TrueCrypt to check out & verify what I have stated

Forums | News and Announcements | Register | Help | Forum Guidelines
Copyright © 2001 - 2018 Western Digital Technologies, Inc. All rights reserved. | Trademarks | Privacy | Community Terms of Service | Site Terms of Use | Copyright | Contact WD