It started with an exploit…

I’ve had a home NAS unit from Synology for years. I used that as my BitTorrent client, media server, file backups…etc. It was simple to set up and operate and life was good for years.

Late last year though, Synology had a major zero-day exploit, which allowed attackers to bypass your username/password and even your account’s two-factor authentication.

I imagine a ton of units were impacted – even if Synology doesn’t admit it. The reason I assume this is because my unit was affected and it was pretty locked down. I didn’t allow any remote connections to it, except through Synology’s “Quick Connect” system. Even when using that, you needed my username, password (which were strong and unique), as well as my case 2FA code.

It had blocks in place to automatically block/ban failed attempts and I only had 1st-party apps installed on my unit that were kept up to date.

Even with those checks in place, my home network alerted me one day that my NAS was trying to send outbound traffic to China. On my home network, I have traffic to/from multiple high-risk countries blocked – hence the alert.

I started looking into the possible causes, with a suspicion that my NAS had been compromised. I segregated it from the rest of my network on its own walled-off VLAN while I investigated.

Two days later the news of the zero-day exploit dropped. That gave me hints of where to look and sure enough, buried in my NAS I found a single file, written in Chinese.

So where do we go from here?

Me being the giant nerd that I am, I had started playing with a homelab earlier in the year. Using a simple Intel N100 machine, I had installed Proxmox and set up some simple containers to run things like Plex and HomeAssistant.

I had thought about building a more powerful machine and then using that for a multitude of things, including to serve as my NAS. However, since I already had a working NAS, there wasn’t much motivation.

Well now with my Synology unit compromised, there was motivation…

Let the games begin!!

At first, I thought this would be a good opportunity to upgrade my personal PC and re-use that hardware for the new home lab server. However, after some consideration, I decided against this. This was mostly because one of the main uses will be as a Plex server and my gaming PC had an AMD CPU, which doesn’t have built-in hardware transcoding support in Plex. I had no plans on putting a GPU in the server, so I began looking at economical parts to start building.

I ended up finding a great deal on an Intel Core i7-12700K. The chip is TOTALLY overkill for the machine, but I was able to get it for only a few dollars more than the 12400 that I was originally targeting.

Next up, I scored an old Z790 motherboard off eBay. The Z790 would normally be once again overkill for this project; however, the extra SATA ports were valuable to me as I’ll be adding a lot of hard drives for the NAS functionality.

I stuck with a board that used DDR4 vs DDR5, as the extra RAM speed is wasted and DDR4 memory is substantially cheaper. Speaking of which, eBay also helped with finding 128GBs of used DDR4 RAM.

Since I’ll be using TrueNAS Scale for the basis of my NAS, the more RAM the better as TrueNAS uses RAM for caching. Additionally, there will be multiple Linux containers and virtual machines, so the more the merrier. I would have actually gone for more than 128GBs of RAM, but the price jump wasn’t worth it.

eBay also helped with buying a stack of OEM Seagate Ironwolf Pro 12TB hard drives. These will serve as the ZFS storage pool for TrueNAS.

Lastly from eBay was a simple 4U shallow depth case to pop everything in.

With everything acquired, I built the server and installed Proxmox.

The easiest part of this adventure was complete 😂

… to be continued