D-Link refuses to patch a security flaw on over 60,000 NAS devices — the company instead recommends replacing legacy NAS with newer models - eviltoast
  • metaStatic@kbin.earth
    link
    fedilink
    arrow-up
    3
    ·
    5 days ago

    who the fuck even still has an exposed IPv4 address anyway, those are fucking expensive since we ran out. I couldn’t expose my network if I tried.

    • ÚwÙ-Passwort@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      3 days ago

      Its free, so why the fuck not? Why the hassle with ddns, wich funnily enough is also free with my hoster/registra

    • BearOfaTime@lemm.ee
      link
      fedilink
      English
      arrow-up
      4
      ·
      5 days ago

      Dynamic DNS has solved that for 20+ years. Just need a domain name, and a utility to update the IP when it changes.

      That said, my IP hasn’t changed in over 5 years now.

      • bamboo@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        1
        ·
        5 days ago

        Still though, Dynamic DNS points to an external IP address, which you’d have your NAS exposed on a public port. This is the flaw in the design which allows remote execution of this exploit.

        If you need remote access to the NAS, it should not be publicly exposed and should require a VPN to access. That way if there is an issue or misconfiguration, everyone on the internet can’t exploit it easily.