The Slightly Disgruntled Scientist

...now 7% more viral!


Rubbish Review Debut: The Noontec N5 NAS

| Comments

I recently became the proud owner of a Noontec N5 network attached storage (NAS) enclosure. I bought it because I needed:

  1. Network access to the contents of a large hard drive.
  2. USB access to the contents of a large hard drive.

It’s hard to tell where to start with this amazing device, so let’s go with the all-important first impression. Nothing says factory quality control quite like a few dead cockroaches stuck to a random sticky pad inside the enclosure. From that point on, I knew I was in for a treat.

The cockroaches could not be removed. It’d probably void the warranty anyway.

Network setup

It assembled fine, so I powered it up and connected it to my network. It then insisted on hijacking my router’s IP address, acting as a DNS server, and generally screwing up my entire network. Seems reasonable. In order to access it I had to remove it from my network, connect a Linux box directly via ethernet, use ifconfig/route/etc to manually set up network access to it, and then configure it to not be monumentally stupid.

Easy as.

Then it was time to set up SMB. Seemed to go easy enough: my Mac machine could connect, my Windows 8 machine could connect, my Linux machine… not so much. I progressed through using smbclient, mount.cifs, and eventually even Wireshark to figure out what the problem was. You might think, “well, Linux has never been great at SMB, of course you need to do some work there.” But hold your judgement until you hear the problem: to authenticate SMB connections, the N5 uses NTLMv1. NTLMv1 has a number of terrific vulnerabilities that could be exploited by a 13 year old with a graphics calculator, so NTLMv2 was created in 1996 to address some of these issue. The N5 does not support NTLMv2. That is, the N5’s level of network security predates Internet Explorer v3.

No matter. I’ll just explicitly downgrade my security settings. Cool.

Side note: the N5’s web interface exposes all passwords in plain text. Super useful feature that.

During this process, by the way, I contacted Noontec for help. They have a website, of course — the support email address listed there is for another company and offer firmware downloads off Dropbox. Seems legit. When I contacted them via this address, they suggested I start by updating the firmware, and sent me a link to do so. The firmware completely changed the branding of the box (as reported by the web UI and network protocol responses). I initially worried about the potential for malware, but realised that even running a botnet off a NAS could only improve the functionality of the N5.

So now I can check off item one on my list, and all it took was manual network routing and byte-for-byte packet inspection. On to item two: USB access!

USB access

The N5 boasts USB 2.0 access, which is great for me because I have some appliances that could access it as a USB device and “just work.” Think about how you might gain USB access to a device advertised as having USB access. Take a minute, if you need it.

Was your answer: let the user connect to the device via a USB cable? If so, you are fired from working at Noontec. No, the answer is: power the device off. Remove the ethernet cable (yes, physically unplug it). NOW connect the USB cable. Power on the device.

In theory, you should now have USB access to your N5!

These were actually the instructions sent to me by Noontec technicians. This is the only supported way for USB access. It doesn’t actually work when you try it, of course, but at this point I’ve stopped caring about USB access because that is a ridiculous procedure.

So item number two: screw it.

Why the N5 then, idiot?

Now you might be thinking, “look, reviewer, everyone knows you get what you pay for, and since the N5 sits at the very lowest price point for a NAS, how could you be surprised by this?” Well, firstly, no matter how cheap a thing is I think we all expect fitness of purpose from something we pay for. But hey, if nothing else, the N5 (and, ahem, the distributor) is impressive for how close to the “fitness of purpose” line it dances.

But secondly, let’s consider the spectrum of NAS enclosures currently out there. Go back and look at my list of things I need. Note that since the N5 doesn’t do USB access, I’ve learnt to live without #2 anyway. So I need just one thing: network access to my stuff.

That’s it. That’s all.

On the other hand, here’s a list of useless garbage I don’t want to pay more than $100 AUD extra for:

  1. Having the entire internet be able to hack into my storage.
  2. Having the entire apartment block be able to hack into my storage (yay WPS).
  3. Media centre software that is unarguably worse than open-source equivalents.
  4. An appliance that is too big to fit anywhere in my apartment.
  5. Unannounced modification of my data.

But apparently the current state of NAS technology absolutely must include all these things and more. NAS enclosures have to be giant, vendor-software riddled, woefully inadequately secured boxes of crap before anyone will sell them. The next NAS up from the N5 is over $150 AUD. Its killer feature is… being a surveillance server. WHAT THE HELL.

It turns out that now that I’ve worked around the N5’s inability to do what it says on the box, I could probably make do with an inert hard drive enclosure and an eSata cable. I look forward to buying these things from literally anywhere but the vendor I bought the N5 from.

Comments