Categorie: Synology

Synology check health harde schijven

Storage Manager, HDD/SDD

Select disk and expand information.

Check Status: Normal

Check S.M.A.R.T status: Normal 

Check Bad sector count: 0

Select disk and health info, overview

Disk Reconnection Count, Bad Sector Count and Disk Re-identification Count indicate the total quantity of events that have occurred on your disk or system.

Your data are still safely stored on the disk. Although these parameters provide early warning and information about disk health trends, they do not directly imply imminent disk failure.

Disk Reconnection Count display the sum of S.M.A.R.T. Attribute “UItraDMA CRC Error Count” and other interface issues detected by the system. If this parameter increases abruptly compared to general tendency, it may indicate that the disk or some hardware components are aging.

Select disk and health info, S.M.A.R.T test

Run Quick and Extended test. Check results. 

Select disk and health info, S.M.A.R.T info 

Use https://en.m.wikipedia.org/wiki/S.M.A.R.T. for reference 

check status: OK

Important attributes:

01 Read Error Rate:

(Vendor specific raw value.) Stores data related to the rate of hardware read errors that occurred when reading data from a disk surface. The raw value has different structure for different vendors and is often not meaningful as a decimal number.

If you see any non-zero raw values for ID 1 (for WD and Samsung disks) in the disk S.M.A.R.T. info, the disk is defective.

05 Reallocated Sectors Count : 0

09 Power-on Hours:

Count of hours in power-on state. The raw value of this attribute shows total count of hours (or minutes, or seconds, depending on manufacturer) in power-on state.

By default, the total expected lifetime of a hard disk in perfect condition is defined as 5 years (running every day and night on all days). This is equal to 1825 days in 24/7 mode or 43800 hours.

10 Spin Retry Count: 0 

184 End-to-End error / IOEDC: 0

187 Reported Uncorrectable Errors: 0

188 Command Timeout: 0

196 Reallocation Event Count: 0

197 Current Pending Sector Count: 0

198 (Offline) Uncorrectable Sector Count: 0 

201 Soft Read Error Rate or TA Counter Detected: 

Volgens Synology:

If you see any non-zero raw values for ID 1 (for WD and Samsung disks) and ID 5/197/198 (for all disks) in the disk S.M.A.R.T. info, the disk is defective.

monitor, Synology

Synology terminal S.M.A.R.T rapportage

smartctl --scan

smartctl -a -d sat -T permissive /dev/sda

/dev/sda is the drive

-aPrints all SMART information about the disk.

-d satSpecifies device type. “Sat” is SCSI to ATA Translation (SAT) that is required with Synology.

 -T permissiveDefines tolerance type. “Permissive” tells to ignore failure(s) of mandatory SMART commands and is required with Synology.
 
The commando also shows Hardware disk information:
 
Model Family:     

Device Model:     

Serial Number:   

LU WWN Device Id:

Firmware Version: 80.00A80

User Capacity:    

Sector Sizes:     

Device is:       

ATA Version is:   

SATA Version is:  

Local Time is:    

SMART support is: 

SMART support is: 

 

To run a short S.M.A.R.T test: 

smartctl -d sat -t short /dev/sda

performance, Synology ,

Synology weerbaar maken

Synology DSM 6.1 hardening settings:

  • Control Panel, security, advanced, TLS/ SSL Cipher Suites, Select Modern compatibility 
  • Control Panel, user, advanced, Password Settings, Apply password strength rules, select; 
    • Exclude name and description of user from password. 
    • Include mixed case
    • Include numeric characters
    • Include special characters
    • Exclude common password
    • Minimal password length: 8
    • Password history (times): 3
  • Control Panel, user, advanced,Password Expiration, select;
    • Enable password expiration 
    • Maximum password valid duration (days): 183 (except administrator users) 
    • Minimum password valid duration (days): 1
    • Prompt users to change password upon login before expiration (days): 14
    • Send expiration notification emails; sent at 12:00, Days before the expiration; 14,10,5,3,2,1 
  • 2-Step Verification,select
    • Enforce 2-step verification for the following users, all users
  • Control Panel, Terminal & SNMP, Terminal, (in case) SSH service, advanced settings, High
  • Control Panel, Security, Selecteer:
    • Improve protection against cross-site request forgery attacks
    • Improve security with HTTP Content Security Policy (CSP) header.
    • Do not allow DSM to be embedded with iFrame.
    • Clear all saved user login sessions upon system restart. 
  • Control Panel, Network, DSM settings, Selecteer Automatically redirect HTTP connections to HTTPS ( Web Station and Photo Station excluded )

 

Beveiliging, Synology ,

Synology DSM 6 LDAP beveiliging

Use an LDAP editor like LDAPadmin.

Connect to LDAP server running on Synology NAS.

Host: Synology Nas server

Port: 389

base: cn=config

Simple authentication

TLS selected or deselected

Username: cn=config

password= same as root user LDAP server

After logging in

select cn=config and edit entry

add attribute or change value attribute olcTLSCipherSuite with your values. 

Beveiliging, Synology ,

Monitor de Apache Webserver op je Synology DSM

DSM 5:

Login as root via a terminal session on your Synology NAS.

vi /etc/httpd/conf/httpd.conf-user

add the following lines and fill allow from:

--

#Apache server status
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from <fill in the ip address of your server running your Anturis agent>
</Location>

#Apache server status
#To obtain a full report with current status information
ExtendedStatus On

--

Restart httpd-user daemon:

synoservicectl --restart httpd-user

Within Anturis fill in the monitoring settings:

Apache server connection:

Apache statistics web-page URL (requires mod_status): <servername/server-status>

You can now monitor your Apache webserver running on your Synology NAS.

DSM 6:

Login as admin via a terminal session on your Synology NAS.

sudo -i

create file for example status.conf under /usr/local/etc/httpd/sites-enabled/

--

#Apache server status
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from <fill in the ip address of your server running your Anturis agent>
</Location>

#Apache server status
#To obtain a full report with current status information
ExtendedStatus On

--

Reload Apache server:

reload pkg-apache22

Apache, performance, Synology , , ,

Synology DSM 6 (terminal) service control

Webuserinterface, Synology recommended:

Control Panel, Task Scheduler, Create Scheduled Task, Stop/Start Service 

Terminal command:

ssh admin@server

sudo -i

synoservicecfg --list

synoservicecfg --hard-stop <service>

synoservicecfg -stop <service>

synoservicecfg --hard-start <service>

synoservicecfg -start <service>

synoservice –status

synoservice –restart <service>

synoservicectl –restart <service>

Apache webserver:

stop pkg-apache22

start pkg-apache22

reload pkg-apache22

restart DSM Webapplication:

restart synoscgi

 

htop and top to see your running processes. 

 

Apache, monitor, performance, Synology , , , , ,

Synology DSM versie 6

Screen Shot 2016-03-25 at 10.24.52

Synology DSM versie 6 is uit. Ik kan u helpen bij de installatie/upgrade en configuratie.

De installatie wordt uitgevoerd vanuit de control panel.

De komende tijd zal ik rapporteren over mijn bevindingen met DSM 6:

 

Mijn eerst bevindingen met de update:

  • De installatie wilde niet starten omdat plesk geïnstalleerd was. Door deze te deinstalleren voor de installatie ging de upgrade naar versie 6 door.
  • Zorg dat als je Synology NAS ook DNS server voor het netwerk is en de Synology NAS naar zich zelf kijkt dat je een andere DNS server toevoegt. Bijvoorbeeld 8.8.8.8 , de DNS server van Google. Hierdoor heb je geen probleem dat de NAS na de upgrade naar versie 6 het Internet niet kan bereiken.
  • Daarna begin je met de update van de applicaties die op het NAS draaien want het gros werkt niet meer. Eerst beginnen met de DNS applicatie update, mits je gebruik maakt van de DNS applicatie.
  • Ik heb gemerkt dat als je aangeeft dat je alle applicaties geüpdatet wil hebben er problemen kunnen ontstaan. Dus mijn advies applicatie per applicatie updaten.
  • Ik heb momenteel een probleem met CalDav en Calender op mijn Mac. Calender op de Mac geeft een melding dat connectie niet mogelijk is. Vervelend want ik kan dus nu niet gebruik maken van mijn agenda. Wordt vervolgd. Oplossing gevonden na de installatie moet je Application privileges, WebDav server toekennen.
  • Aan de back-up instellingen hoefde ik niks te veranderen. Aangegeven wordt dat deze succesvol gelopen heeft. De applicatie heet nu Hyper Backup. Time Backup is nog actief maar uitgefaseerd door Synology. Je kan de applicatie dus ook niet meer installeren. Ik heb uiteindelijk de applicatie verwijderd na overstappen op Hyper Backup.
  • De cloudstation client op mijn Mac kon geen contact meer maken. Door de Cloud station drive te installeren was dit probleem verholpen.
  • Two factor authentication getest met IOS 9.3 en Apps DS Audio, DS Photo, DS File, DS Video. DS cloud op IOS logt automatisch in zonder two factor authentication, moet nog verder uitgezocht worden.
  • Ik had voor Apache Server Status geconfigureerd. Deze werkt na de update niet meer. Ben ik nog aan het uitzoeken. Probleem is opgelost en staat in een ander bericht op deze website. 

 

 

Synology ,
1 2 3