Synology terminal show S.M.A.R.T report

smartctl --scan

smartctl -a -d sat -T permissive /dev/sda

/dev/sda is the drive

-aPrints all SMART information about the disk.

-d satSpecifies device type. “Sat” is SCSI to ATA Translation (SAT) that is required with Synology.

 -T permissiveDefines tolerance type. “Permissive” tells to ignore failure(s) of mandatory SMART commands and is required with Synology.
 
The commando also shows Hardware disk information:
 
Model Family:     

Device Model:     

Serial Number:   

LU WWN Device Id:

Firmware Version: 80.00A80

User Capacity:    

Sector Sizes:     

Device is:       

ATA Version is:   

SATA Version is:  

Local Time is:    

SMART support is: 

SMART support is: 

 

To run a short S.M.A.R.T test: 

smartctl -d sat -t short /dev/sda

Synology Hardening

Synology Hardening

Synology Hardening steps to change the default settings to improve security on a Synology NAS. 

Synology Hardening

Synology DSM 6.1 hardening settings:

Using the  Security Advisor:

Install and run the Synology Security Advisor and consider changing the advised mentioned settings. 

Control Panel:
Control Panel, Update & Restore, DSM Update:
  • Update Settings. Change the settings accordingly with in mind that security fixes are applied as soon a possible. 
Control Panel, user:
  • make a new user with full administrative rights, test this new user and disable admin. 
  • Advanced, Password Settings, Select Allow non-administrator users to reset forgotten passwords via email. 
  • Avanced, Password Settings, Apply password strength rules, select;
    • Exclude name and description of user from password. 
    • Include mixed case
    • Include numeric characters
    • Include special characters
    • Exclude common password
    • Minimal password length: 8
    • Password history (times): 1
  • Advanced,Password Expiration, select;
    • Enable password expiration 
    • Maximum password valid duration (days): 183 (except administrator users). Check administrator user Password is always valid. Manually change this password regularly. 
    • Minimum password valid duration (days): 1
    • Prompt users to change password upon login before expiration (days): 14
    • Send expiration notification emails; sent at 12:00, Days before the expiration; 14,10,5,3,2,1 
  • Advanced, 2-Step Verification,
    • Enforce 2-step verification for the following users, all users
Control Panel, Terminal & SNMP, Terminal:
  • (in case) SSH service, advanced settings, High
Control Panel, Security, Security:
  • Improve protection against cross-site request forgery attacks
  • Improve security with HTTP Content Security Policy (CSP) header.
  • Do not allow DSM to be embedded with iFrame.
  • Clear all saved user login sessions upon system restart. 
Control Panel, Security,Firewall:
  • consider enabling firewall which depends on the IT infrastructure. Firewall rules can be enabled for VPN services which can improve security or protect a access for Hyperbackup. This can be implemented with an allow and deny rule for certain services. 
Control Panel, Security, Protection:
  • consider enable DoS protection depending on your IT infrastructure. 
Control Panel, Security,Account, Auto Block:
  • select Enable auto block, login attempts: 10, Within (minutes): 5. Enable block expiration, Unblock after (days): 1. Consider using an allow/block list. 
Control Panel, Security, Account, Enable Account Protection, Untrusted Clients:
  • login attempts:5
  • Within (minutes):1
  • Cancel account protection (minutes later):30 
Control Panel, Security, Account, Account Protection, Trusted clients:
  •  Login attempts:10
  • Within (minutes):1
  • Unblock (minutes later):30 
Control Panel, security, advanced, TLS/ SSL Cipher Suites:
  • Select Modern compatibility 
Control Panel, Network, DSM settings,
  • Selecteer Automatically redirect HTTP connections to HTTPS ( Web Station and Photo Station excluded ). 
Webbrowser:
  • Enable browser's incognito mode or using guest browsing feature when accessing Synology NAS with a public computer

Synology speed test

turn on ssh on the Synology NAS, Control Panel, Terminal & SNMP, enable SSH service. 

root Login using ssh:  

ssh user@servernameoripaddress 

sudo -i 

To download a file from a ftp server (example):

curl -O ftp://ftp.xs4all.nl/pub/test/1gb.bin

To upload a file to a ftp server (example):

make sure you have a 1GB file. Not in the root folder or delete afterwards.

curl -T 1gb.bin ftp://speedtest.tele2.net/upload/

Speed in MByte/s(MB/s or kByte/s)
In case M multiple by 10 for megabit per second(Mbps)
In case k divide by 1000 for MByte/s(MB/s)
In case k divide by 100 for megabit per second(Mbps)

schedule download speed task:

create owner executable file with following contents: 

cd /volume1/homes/user/
curl -O ftp://ftp.xs4all.nl/pub/test/1gb.bin
rm /volume1/homes/admin/1gb.bin

Control panel, Task Scheduler, create task, run command 

/volume1/homes/user/<name file>.sh

Synology DSM 6 LDAP security

Use an LDAP editor like LDAPadmin.

Connect to LDAP server running on Synology NAS.

Host: Synology Nas server

Port: 389

base: cn=config

Simple authentication

TLS selected or deselected

Username: cn=config

password= same as root user LDAP server

After logging in

select cn=config and edit entry

add attribute or change value attribute olcTLSCipherSuite with your values. 

Synology DSM 6 (terminal) service control

Webuserinterface, Synology recommended:

Control Panel, Task Scheduler, Create Scheduled Task, Stop/Start Service 

Terminal command:

ssh admin@server

sudo -i

synoservicecfg --list

synoservicecfg --hard-stop <service>

synoservicecfg -stop <service>

synoservicecfg --hard-start <service>

synoservicecfg -start <service>

synoservice –status

synoservice –restart <service>

synoservicectl –restart <service>

Apache webserver:

stop pkg-apache22

start pkg-apache22

reload pkg-apache22


restart DSM Webapplication:

restart synoscgi


 

Add special Symbols under Mac OS X

For adding special symbols under Mac OS X like m² and m³ this is possible via show Emoji & Symbols. This option can be found under the flag in the menubar. You must activate system preferences, keyboard, show keyboard, emoji, symbol viewers in menu bar. To see the flag go to system preferences, keyboard, input sources  show input menu in menu bar.  

To add the symbols m² and m³ search under Emoji & Symbols to 2 or 3. Here you can add ² and ³. You add this symbols in Mail or Libre Office

 

1 2 3