I recently became the proud owner of a Noontec N5 network attached storage (NAS) enclosure. I bought it because I needed:
- Network access to the contents of a large hard drive.
- USB access to the contents of a large hard drive.
It’s hard to tell where to start with this amazing device, so let’s go with the all-important first impression. Nothing says factory quality control quite like a few dead cockroaches stuck to a random sticky pad inside the enclosure. From that point on, I knew I was in for a treat.
The cockroaches could not be removed. It’d probably void the warranty anyway.
It assembled fine, so I powered it up and connected it to my network. It then insisted on hijacking my router’s IP address, acting as a DNS server, and generally screwing up my entire network. Seems reasonable. In order to access it I had to remove it from my network, connect a Linux box directly via ethernet, use ifconfig/route/etc to manually set up network access to it, and then configure it to not be monumentally stupid.
Then it was time to set up SMB. Seemed to go easy enough: my Mac machine could connect, my Windows 8 machine could connect, my Linux machine… not so much. I progressed through using mount.cifs, and eventually even Wireshark to figure out what the problem was. You might think, “well, Linux has never been great at SMB, of course you need to do some work there.” But hold your judgement until you hear the problem: to authenticate SMB connections, the N5 uses NTLMv1. NTLMv1 has a number of terrific vulnerabilities that could be exploited by a 13 year old with a graphics calculator, so NTLMv2 was created in 1996 to address some of these issues. The N5 does not support NTLMv2. That is, the N5’s level of network security predates Internet Explorer v3.
No matter. I’ll just explicitly downgrade my security settings. Cool.
Side note: the N5’s web interface exposes all passwords in plain text. Super useful feature that.
During this process, by the way, I contacted Noontec for help. They have a website, of course — the support email address listed there is for another company, and they offer firmware downloads off Dropbox. Seems legit. When I contacted them via this address, they suggested I start by updating the firmware, and sent me a link to do so. The firmware completely changed the branding of the box (as reported by the web UI and network protocol responses). I initially worried about the potential for malware, but realised that even running a botnet off a NAS could only improve the functionality of the N5.
So now I can check off item one on my list, and all it took was manual network routing and byte-for-byte packet inspection. On to item two: USB access!