DSM-G600, DNS-3xx and NSA-220 Hack Forum

Unfortunately no one can be told what fun_plug is - you have to see it for yourself.

#1 2009-07-12 22:49:38

dissidente
Member
Registered: 2009-07-12
Posts: 6

FFP sshd and WOL questions

Hello all.

I have a NSA220 and am about to upgrade to the latest 3.12 firmware, and thought I would use FFP also, as I have been meaning to do for some time.

At the moment there are two features I needed to use, and am thinking if FFP and NSA220 will manage, not to be forced to buy a new linux box.

I intend to use SSH to route port connections (ie. connect from office to one of my home computers on RDP or VNC). Will the sshd included in FFP do this? It's not a cut-down sshd?

Another thing I would like to do was to use WOL (wake-on-lan) to boot up a computer that stays off during the day (my contribution to the environment). Usually I use wakeonlan to do it from my debian boxes, but I intended to start doing it from the NAS. Is there any mod to use WOL through FFP? If not what could I do to use it this way? (I'm not a kernel-compiler linux user, but with good instructions I'll do what needs to be done).

Thanks

#2 2009-07-13 15:08:35

Mijzelf
Member / Developer
Registered: 2008-07-05
Posts: 709

Re: FFP sshd and WOL questions

Sshd in ffp can create tunnels just fine. I'm using it regularly. In ffp there's a function ether-wake, (which is a part of busybox), which implements WOL.

#3 2009-07-13 15:59:04

dissidente
Member
Registered: 2009-07-12
Posts: 6

Re: FFP sshd and WOL questions

Thanks Mijzelf.

That is indeed good news.

All I have to do now is to backup the data in the NAS, upgrade it to firmware 3.12 and install FFP.

Can't w8

#4 2009-07-24 18:16:58

dissidente
Member
Registered: 2009-07-12
Posts: 6

Re: FFP sshd and WOL questions

My friends, it works like a charm.

I upgraded to firmware 3.12, and the new stock features are indeed great, but with FFP it's even greater.

What I'm running:

* sshd, natted to a high port, configured to allow only login with one account (after the login I su as root to do any admin stuff)
* ddclient, to update my dynamic dns services, as the ddns client of my adsl router is completely broken; ddclient works very well and is DynDNS certified
* polipo, a web proxy, only when I need it; it's not squid but hey... it does the trick when I need to access anything through home (like e-banking, or any other stuff on a non trusted network)

A couple of questions any of you might be able to answer:

* I'm searching for a way to send e-mail, to allow scripted notification of several things (ie. quota marks, restarts, etc), but can't find anything for ffp. Any suggestions? (TLS would be a bonus)

* I'm trying to configure a fail-safe telnetd that would run at start up for a given time (ie. 1 minute), to allow for access if, for example, sshd would fail for some reason. Tried to start telnetd, sleep it and then killall telnetd, but for some reason it works on manual execution, but not at startup (I'm using the /ffp/start method). What am I missing? =\

* Are the ext2-fs warnings on dmesg from rebooting the NAS (either from console or web) prone to data corruption? If the ffp install runs completely from usb will this still happen while rebooting from web?

* Does anyone know of any successful implementation of a vpn server on ffp? Do you think this would be possible?

Cheers

#5 2009-07-25 16:38:42

Mijzelf
Member / Developer
Registered: 2008-07-05
Posts: 709

Re: FFP sshd and WOL questions

sshd, natted to a high port, configured to allow only login with one account

Can you tell me how you did this? When I'm trying to disable root login sshd doesn't accept any connections anymore.

I'm trying to configure a fail-safe telnetd <..>

You can try to run (unchrooted) /usr/local/btn/open_back_door.sh. This has the same effect as opening the backdoor by pressing the reset button. (Un?)fortunately AFAIK the admin account is disabled in fw 3+, so you can only use the NsaRescueAngel login.

Maybe I even have something better. I run dropbear from ffp 0.4 (a lightweight sshd) unchrooted (on a non-standard port, else sshd wouldn't start). It starts before ffp starts, so when ffp fails there's a fallback, and it gives unchrooted access, which is sometimes useful.

#6 2009-07-27 03:01:37

dissidente
Member
Registered: 2009-07-12
Posts: 6

Re: FFP sshd and WOL questions

Hi Mijzelf.

I had to create a new user to use to login through SSH. This is an unprivileged user, to the likes of User, but I didn't want anything that obvious.

Then, making sure the new user was able to login, I edited the sshd.conf file to add the directive AllowUsers <new user>, thus not accepting any other user than the one I specified.

To be able to go root you can use the /sbin/su command. I'm still working on a couple of issues regarding environment (I'm not a linux expert, so I'm still fiddling with it).

The main goal with this was to minimize sshd brute forcing, changing ports, user, and being a lot more restrictive with login timeouts and failing limits.

About your suggestions, how do you run unchrooted commands? (if I understood correctly, you are referring to running commands on the firmware itself, before ffp comes in and changes a couple of linkings, right?)

Another thing I discovered a couple of minutes ago and that would be very nice is that you can use the Zyxel log facility to add custom messages to the log (for example, for when you have scripts running that you would like to write to the web's log). Can't recall precisely what the command is, but you'll have to guess the source and severity levels to configure your message...

And a last thing for the curious and/or security freaks who use the download service: check this file - /i-data/.zyxel/clidump.gui

Cheers

#7 2009-07-27 10:38:49

Mijzelf
Member / Developer
Registered: 2008-07-05
Posts: 709

Re: FFP sshd and WOL questions

add the directive AllowUsers <new user>

Thanks. I'll try that.

To be able to go root u can use the /sbin/su command

sudo is also a very convenient way.

how do you run unchrooted commands?

I suppose you're running my scripts to start ffp. In that case in the end of after_booting.sh there are two lines

Code:

/sbin/chroot $1 command

. command is chrooted here (and starts the ffp stuff), all other stuff is executed unchrooted. You can execute any firmware program here, like open_back_door.sh, or any software which is compatible with the firmware directly (all needed libraries available in /lib), like ffp 0.4 dropbear. Ffp 0.5 sshd won't work. It needs its libraries in /ffp/lib, which is not available unchrooted.
So changing the last lines to

Code:

# open backdoor
/usr/local/btn/open_back_door.sh &

# run fun_plug local, if present
if [ -x $1/ffp/etc/fun_plug.local ]; then
    /sbin/chroot $1 /ffp/etc/fun_plug.local
fi
 
# run commands
if [ -x $1/ffp/etc/rc ]; then
    /sbin/chroot $1 /ffp/etc/rc
fi

will run an (unchrooted) telnetserver for 3(?) minutes.
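A time-limited fallback service, as an added example (not code from the thread or from the ffp scripts): it backgrounds the whole watcher so the startup script is never blocked by the sleep, and kills only the pid it started rather than every process of that name. It assumes a busybox-style /bin/sh; the service command is a placeholder, and a daemon must be started in foreground mode (busybox `telnetd -F`) so the recorded pid is the daemon's own.

```shell
#!/bin/sh
# Added example, not from the original thread.
# run_timed_fallback SECONDS COMMAND [ARGS...]
#   Starts COMMAND in the background, waits SECONDS, then kills that single
#   pid. The watcher itself runs in the background with its output detached,
#   so the calling startup script continues immediately (a bare "sleep" in
#   the main startup path would hold up everything after it).
#   Prints the watcher's pid so the caller can check or cancel it.
run_timed_fallback() {
    secs=$1
    shift
    (
        "$@" &                  # the fallback service, e.g. telnetd -F
        svc_pid=$!
        sleep "$secs"
        kill "$svc_pid" 2>/dev/null   # only our own instance, not killall
    ) >/dev/null 2>&1 &
    echo $!
}

# Usage at the end of a startup script (assumed placeholder command):
#   run_timed_fallback 180 telnetd -F -p 2323 >/dev/null
# Here the fallback window is 180 seconds; after that the service is gone.
```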

#8 2009-08-10 18:20:34

dissidente
Member
Registered: 2009-07-12
Posts: 6

Re: FFP sshd and WOL questions

Hi again.

Sorry for the delay in replying, but I only got the time now. My company (me! =P) is migrating a hosting infrastructure to another environment.

Do you believe that until you pointed it out I wasn't aware that there was a sudo package in FFP? ehehe You are right, it's much more convenient than su.

So, after a little fiddling I decided to move the whole FFP setup to a 1 Gb USB pen, for speed (honestly didn't notice much change in this), commodity and power saving (which I'm still working on).

So currently, my setup is running totally (as much as possible) from USB:

* sshd
* polipo (running as nobody for security)
* transmission (running as nobody for security, and fetching an updated blocklist each time the start up script is run; need to tweak this to try and update the blocklist every day)
* ddclient

Working on:

* USB swapping (found a thread regarding this, but am unsure if the default swaps being used need to be swapped off; the usb swap is used, but there is a disk swap remaining with space used)
* Power saving (I think there is a firmware command that gives you the power saving state of each disk, but I can't find it =S; also, how can I list open files to try to troubleshoot disk access spinning up?)

Would still like:

* stunnel (for secure wrapping of transmission webpage - wife's toy while working eheheh)
* nups (for Mustek UPS management; the included features in 3.12 firmware don't work with this UPS)
* mail sending (as unfortunately Zyxel hasn't yet implemented alert e-mail notification)
* telnetd for short period on startup (haven't yet implemented your solution; will try to do that in the next couple of days)
* 7zip (it supports several main archive formats, and almost all archives I deal with are 7z)

#9 2009-08-11 11:02:37

Mijzelf
Member / Developer
Registered: 2008-07-05
Posts: 709

Re: FFP sshd and WOL questions

dissidente wrote:

* USB swapping (found a thread regarding this, but am unsure if the default swaps being used need to be swapped off; the usb swap is used, but there is a disk swap remaining with space used)

You don't need to switch off the disk swap, only give the usb swap a higher priority. On my box the disk swaps have priority -1 and -2, and I gave the usb swap priority 0. AFAIK the system never swaps to disk now. The firmware swapon doesn't handle priority, the ffp one does.

* Power saving (I think there is a firmware command that gives you the power saving state of each disk, but I can't find it =S; also, how can I list open files to try to troubleshoot disk access spinning up?)

I couldn't find it either, but I wrote a script which monitors disk activity, so at least I know when the disks are supposed to sleep.
You can use lsof to show all open files.

Would still like:

When you installed ffp build tools it's fairly easy to build packages like stunnel:

Code:

wget http://path.to/package.tgz
tar -xzf package.tgz
cd package
./configure --prefix=/ffp
make
sudo make install

Sometimes configure complains about missing dependencies. In that case you'll have to build and install those first.

I don't know nups, but this can be harder. Maybe you'll need to compile a kernel module for this. In that case you need a Linux pc, and the GPL sources and build tools from ZyXEL.

There is some mail program in ffp, but I never got it to work. (Didn't try very hard, though)

You can find the sources for p7zip here
