Hi everyone,
After countless hours trying as many different options found in this forum as I can, I have collected up the useful parts, and come up with a go-by that has worked for me for 3 separate DNS323 installs. 95% of this is code from users of this forum, who deserve all the credit.
Some pre-notes:
- I am a Windows admin/user, and am writing this as a 101 user guide for other Windows admins/users who may not have the time to deep-dive into Linux just to complete one step of a large network build-out project.
- If this go-by has redundant/unnecessary steps, I welcome any changes!
- I have made arbitrary decisions for where to save backup files to counter the reboot. I welcome advice on those too!
- This option allows multiple users to have secured access to multiple secured folders within the DNS.
Prerequisite software:
Notepad++
PuTTY
Laptop running Linux (I used Ubuntu Netbook 10.10 running on USBStick, using pendrivelinux.com)
DNS-323 firmware v1.09
Some Linux commands:
VI Commands
x #erases letters
dd #erases a line
3dd #erases 3 lines
i #inserts (allows editing. Don't use arrow keys while in this mode)
ESC #exits insert, resumes scrolling
ZZ #Saves and quits
:q! #force exits
#use SUDO before every command in Ubuntu Terminal
#NOTE: Make sure the Linux Laptop and the DNS-323 have the correct date/time set, within 5 minutes of the domain server,
#or you will not get the secrets.tdb file, later in the go-by!
##GO-BY##
____________________________________________________
DNS-323
#Set Date/Time
#Do not change the DNS box name yet
#Download funplug
#enable ftp for anonymous root
#ftp to root, then cd to Volume_1
#upload fun_plug and fun_plug.tgz
#reboot NAS
#Verify ffp works by Putty to NAS (NOTE: PuTTY defaults to SSH...switch to Telnet for this step)
#If you get a '#' symbol, ffp correctly installed. Close PuTTY.
____________________________________________________
LINUX Laptop (Ubuntu Netbook 10.10 running on USBStick, using pendrivelinux.com)
#Set Correct Date and Time in the Ubuntu GUI
#Open Terminal
sudo vi /etc/samba/smb.conf
#Substitute HOME and HOME.LOCAL for your NETBIOS and FQDN of your domain, below.
#dns323 is what I called my DNS box, you could call it NAS, if you like, but remember what you called it
#Point your WINS to a local WINS, if you are running one
#Edit/Add the following lines:
workgroup = HOME
netbios name = dns323
security = DOMAIN
realm = HOME.LOCAL
wins server = 192.168.0.8
name resolve order = host wins lmhosts bcast
#Save and Exit smb.conf
sudo vi /etc/hosts
#Add the following line
#Substitute the IP address below with the IP address of your server.
#Put in its FQDN, followed by a TAB, followed by its NETBIOS name.
192.168.0.8 server3.home.local server3
#Save and exit hosts
#Substitute HOME.LOCAL below with the FQDN of your domain
sudo net join -W home.local -U Administrator
#type in domain admin password
#You will get a Kerberos Error, but it will update secrets.tdb in /var/lib/samba, and
#Active Directory will accept it as a domain PC
ls -l /var/lib/samba
#Verify the secrets.tdb has a time-stamp of a few seconds ago
#copy secrets.tdb to thumb drive
#Shutdown Linux (to avoid duplicate names on the network)
____________________________________________________
#Using Notepad++, copy, paste, save the code below to a thumbdrive as 'samba-addomain.sh'
#Note: I included a line to grab the stashed copy of smb.conf and drop it into the running config.
#It is not in that location yet though, so don't reboot the DNS yet
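#!/bin/sh
# Start script for /ffp/start: restores the stashed Samba files and restarts smbd.

smbd_start() {
    # Put back the domain secrets and the saved config (stashed to counter the reboot)
    cp -p /mnt/HD_a2/ffp/etc/secrets.tdb /tmp/samba/secrets.tdb
    cp -p /mnt/HD_a2/ffp/etc/smb.conf /etc/samba/smb.conf
    # Restart smbd so it picks up both files
    killall smbd
    /usr/bin/smbd -D
}

smbd_stop() {
    killall smbd
}

smbd_status() {
    # No status check is implemented; this only prints a blank line
    echo
}

case "$1" in
    stop)
        smbd_stop
        ;;
    restart)
        smbd_stop
        sleep 1
        smbd_start
        ;;
    status)
        smbd_status
        ;;
    start|'')
        smbd_start
        ;;
    *)
        echo "Usage: $0 start|stop|restart|status"
        ;;
esac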
______________________________________________________
DNS323 Box
mount -t minix /dev/mtdblock0 /sys/mtd1
mount -t minix /dev/mtdblock1 /sys/mtd2
#EDIT both copies of smb.default
vi /sys/mtd[12]/smb.default
#Change the line "workgroup = workgroup" to "workgroup = HOME" (Be careful NOT to include a space after HOME)
#Change the line "netbios name = dlink-xxxxxx" to "netbios name = dns323" (or whatever name you chose above, e.g. NAS)
#Change the line "security = SHARE" to "security = DOMAIN"
#Save and exit smb.default
sync
umount /sys/mtd1 /sys/mtd2
________________________________________________________
#ftp secrets.tdb and samba-addomain.sh to Volume_1 root
#Using PuTTY, telnet to the NAS and change to /mnt/HD_a2
cd /mnt/HD_a2
chmod 777 secrets.tdb samba-addomain.sh
cp -p secrets.tdb /mnt/HD_a2/ffp/etc/secrets.tdb
cp -p samba-addomain.sh /mnt/HD_a2/ffp/start/samba-addomain.sh
cp -p /etc/samba/smb.conf /mnt/HD_a2/ffp/etc/smb.conf
rm secrets.tdb
rm samba-addomain.sh
#reboot NAS (using web admin)
_________________________________________________________
#Login to NAS (Web)
#Verify device name and workgroup are correct
#(workgroup may contain a space at the end of it, and if so, delete it)
_______________________________________________________
#create users, name them exactly the same as the AD users logon name.
#Create a random 5+ digit password and ignore it.
#Share out folders as necessary, and bind them to just one user
#Remove default share (Volume_1)
#Using Putty, telnet into DNS323 and edit /etc/samba/smb.conf
#Scroll down and add additional users as necessary to each share, separated by a space.
#NOTE: Spell the accounts correctly, as it will accept without verifying! SAMBA names map to Linux names
#Save smb.conf, then stop and start smbd
killall smbd
/usr/bin/smbd -D
cp /etc/samba/smb.conf /mnt/HD_a2/ffp/etc
_______________________________________________________
#Add root password, turn on SSH, turn off Telnet
pwconv
passwd
usermod -s /ffp/bin/sh root
pwck
grpck
#You may ignore warnings about missing home directories and invalid group names.
#If asked to remove a duplicate user, say 'yes' to remove one of them. Rerun the commands to check that it's fixed
#Test your changes with the login program:
login
#If that worked, save the password files to flash memory:
store-passwd.sh
#test ssh login:
cd /ffp/start
sh sshd.sh start
#Use PuTTY, switch to SSH, and attempt to login
#If successful, shut down telnet, and have SSH start on reboot
cd /ffp/start
chmod a-x telnetd.sh
chmod a+x sshd.sh
##/END GO-BY##
Things I am still working on next:
- The editing of SMB.conf is unnecessarily complex. I'd like to use SWAT, but it seems SWAT is only available if you install the full SAMBA, which updates the SAMBA on the box.
Offline
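A preflight check for the files the go-by above stashes in /mnt/HD_a2/ffp/etc, as an added example that is not part of the original post: it flags a workgroup value ending in whitespace, a security mode other than DOMAIN, share accounts with no matching local user, and a secrets.tdb (which holds the machine account password) that is open to group or other. It assumes shares name their accounts on `valid users` / `write list` lines; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): check the stashed Samba files
# before rebooting the NAS. All paths are arguments, so it can be tried anywhere.

findings=0
report() { echo "WARN: $*"; findings=$((findings + 1)); }

# Value of the first "key = value" line; trailing blanks are kept on purpose.
conf_value() {  # $1=file $2=key
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | head -n 1
}

# Accounts named on "valid users" / "write list" lines, one per line.
share_accounts() {  # $1=file
    sed -n -e 's/^[[:space:]]*valid users[[:space:]]*=//p' \
           -e 's/^[[:space:]]*write list[[:space:]]*=//p' "$1" |
        tr ',\t ' '\n\n\n' | sed '/^$/d' | sort -u
}

# preflight SMB_CONF PASSWD SECRETS_TDB -> returns the number of findings.
preflight() {
    findings=0
    tab=$(printf '\t')
    wg=$(conf_value "$1" workgroup)
    case "$wg" in
        *" "|*"$tab") report "workgroup '$wg' ends in whitespace" ;;
    esac
    sec=$(conf_value "$1" security | tr 'a-z' 'A-Z' | tr -d ' \t')
    [ "$sec" = "DOMAIN" ] || report "security is '$sec', expected DOMAIN"
    for acct in $(share_accounts "$1"); do
        case "$acct" in @*) continue ;; esac   # skip group references
        cut -d: -f1 "$2" | grep -qxF "$acct" ||
            report "share account '$acct' has no entry in $2"
    done
    perms=$(ls -ld "$3" 2>/dev/null | cut -c5-10)
    [ "$perms" = "------" ] ||
        report "$3 missing or open to group/other (mode bits '$perms')"
    return "$findings"
}

# Constructed sample files: trailing space, misspelled account, mode 777.
make_sample() {  # $1=directory
    printf '%s\n' '[global]' 'workgroup = HOME ' 'security = DOMAIN' \
        '[docs]' 'path = /mnt/HD_a2/docs' 'valid users = alice bobb' > "$1/smb.conf"
    printf '%s\n' 'root:x:0:0::/:/bin/sh' 'alice:x:501:501::/:/bin/sh' \
        'bob:x:502:502::/:/bin/sh' > "$1/passwd"
    : > "$1/secrets.tdb"; chmod 777 "$1/secrets.tdb"
}
```

On the NAS it would be called as `preflight /mnt/HD_a2/ffp/etc/smb.conf /etc/passwd /mnt/HD_a2/ffp/etc/secrets.tdb`; the return value is the number of warnings printed.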
Great work, ShrewLWD12. This will allow for use of the DNS-323 in my work environment. (If I am able to replicate everything, that is...)
Last edited by pnin (2011-01-27 23:00:09)
Offline
Absolutely great ....now I [or someone more proficient than me] will have to try out the steps involved with using Open LDAP :-) AD worked. But I am at the point of moving from AD to Open LDAP - that's why :-)
Cheers,
Volker
Offline
I am working right now on using a DNS-323 as the data fault in an AD. I want to join it to the domain and use AD user authentication.
So basically exactly what is described above.
The question I have is: Why setting up a linux laptop and using this samba.conf instead of copying the samba.conf that is found in /etc/samba on the DNS-323? Am I missing something and do not understand a portion of the idea behind it? Or would this just be too simple?
Thanks.
Offline
Ok,
I did the whole thing including running the second copy of linux on a laptop to get the secrets.tdb file.
I had a bit of struggle with the samba.sh script, but got this to work. Will post my solution once everything is working.
I now have the following problem: I am running windows 2008R2 (enterprise edition) DCs. When trying to authenticate against these machines, I am getting an error message. On the DC, I have error log # 5722 and 5805. Looking these up, I find that 2008R2 prevents by design weak encryption algorithms like (Windows NT 4.0, Network Storage Systems).
So, in short, samba on my DNS-323 can't encrypt strong enough for 2008R2 to accept.
Any ideas?
By the way: this behavior is 2008R2 only. Microsoft changed this behavior between 2008 and 2008R2.
Offline
papa dragon wrote:
Ok,
I did the whole thing including running the second copy of linux on a laptop to get the secrets.tdb file.
I had a bit of struggle with the samba.sh script, but got this to work. Will post my solution once everything is working.
I now have the following problem: I am running windows 2008R2 (enterprise edition) DCs. When trying to authenticate against these machines, I am getting an error message. On the DC, I have error log # 5722 and 5805. Looking these up, I find that 2008R2 prevents by design weak encryption algorithms like (Windows NT 4.0, Network Storage Systems).
So, in short, samba on my DNS-323 can't encrypt strong enough for 2008R2 to accept.
Any ideas?
By the way: this behavior is 2008R2 only. Microsoft changed this behavior between 2008 and 2008R2.
I have the same setup. Were you able to get this to work?
Offline
Does this how-to work with the DNS-320L? Thanks.
Last edited by slobato (2017-05-31 22:11:29)
Offline