Joey19990 Posted May 18, 2016 Share Posted May 18, 2016 Hello everyone. I'm still pretty new to UnRAID and Linux in general so I apologize in advance. So I've got three issues. 1. Cannot connect to UnRAID through anything but browser. Can't access shares. When I try to map it as a network drive, it says something about the network password being incorrect. I made a user called Joey and changed my computer name to Joey. The user in unraid has a password but my windows machine does not. The server no longer appears in the "Network" area of windows along with other computers on my network. It used to. After that I was able to login by mapping it as a network drive. Then, I can no longer access my shares. I'm trying to map as \\192.168.1.157\Plex\ but it won't let me in. I know the username and password are correct. 2. Extremely slow transfer speeds and network issues.While I was transferring my data over to the new unraid server (when I could still access it see above), I was getting at best 3MB/s. I have a 120Gb SSD as a cache, which was enabled. Both enabled and disabled the transfer speeds were the same. I highly doubt that my router is the issue since it's a Linksys 1200AC which has gigabit lan built in. I doubt it's my PC since I've seen much better transfer speeds than that over the internet. Plus I'm using a PCIE intel NIC. I think this must be a software issue since the server is connecting to the internet (I can ping google) and the Ethernet port I've plugged into the server is a 100Mb/s port. 3. Mapping a network drive for Plex to see. Plex is on the UnRAID server and I want to map another network drive to that. I have a hard drive attached to my router. I was able to map the drive in windows, but I'm having trouble in unraid. For reference, here's the server I bought. http://www.ebay.com/itm/Supermicro-2U-Server-X8DTN-2x-Xeon-X5550-2-66ghz-QC-48gb-HW-RAID-SAS826EL1-/291758126390? Here's the RAID card I'm using if that helps: http://www.ebay.com/itm/291641245650?_trksid=p2057872.m2749.l2649&ssPageName=STRK%3AMEBIDX%3AIT I appreciate any help you all can provide. Thank you! tower-syslog-20160518-1832.zip Quote Link to comment
Joey19990 Posted May 19, 2016 Author Share Posted May 19, 2016 Ok, so I found out why I couldn't map it as a network drive. For some reason unraid deleted my password for user Joey whenever I rebooted the machine. I have to input it back in through the web browser (like I'm putting a password on the account for the first time) each time I reset the server. So I guess that solves #1. I'm still quite concerned about #1 though. Any thoughts anyone? Quote Link to comment
Squid Posted May 19, 2016 Share Posted May 19, 2016 sounds like you can't write to the flash drive. Post your diagnostics (or install fix common problems, run it, and then post diagnostics) Quote Link to comment
Joey19990 Posted May 19, 2016 Author Share Posted May 19, 2016 I can access the server again. What happens is every time I reboot the server, it erases user "Joey"'s password. That caused an issue with windows connecting. I've attached my diagnostics for reference though. I'm still having the issue where I'm getting maximum 3MB/s writes to the server. I'm using the cache drive. Also, Plex is having trouble actually matching any of my movies. It's going extremely slowly all around. tower-diagnostics-20160519-1749.zip Quote Link to comment
Squid Posted May 19, 2016 Share Posted May 19, 2016 Rather curious if you've been trying to login unsucessfully as admin, support, and a whack of other common logins. If not I would immediately pull the plug on your modem as hack attempts are happening and any password can be hacked via brute force. Do not expose your server directly to the internet or put it within a dmz Sent from my LG-D852 using Tapatalk Quote Link to comment
Joey19990 Posted May 20, 2016 Author Share Posted May 20, 2016 I've been able to log in successfully as root with the password I set. I am able to log into the server through windows once I set the password back up on user Joey. Do you really think this is a hack attempt? It seems pretty unlikely to me. I've noticed no other weird behavior from the server besides the password thing and the slow transfer speeds. Quote Link to comment
Squid Posted May 20, 2016 Share Posted May 20, 2016 I've been able to log in successfully as root with the password I set. I am able to log into the server through windows once I set the password back up on user Joey. Do you really think this is a hack attempt? It seems pretty unlikely to me. I've noticed no other weird behavior from the server besides the password thing and the slow transfer speeds. ok... Explain why there's a ton of failed login attempts using the user names (not the complete list): root admin user tech support unknown manager ubnt . . . May 19 17:42:01 Tower sshd[8384]: Failed password for root from 183.3.202.174 port 58854 ssh2 Looks like that's in China. Literraly half the syslog is the above line May 19 04:45:07 Tower sshd[10887]: Failed password for invalid user user from 91.224.161.54 port 42267 ssh2 May 19 04:45:07 Tower sshd[10887]: Failed password for invalid user user from 91.224.161.54 port 42267 ssh2 May 19 04:45:08 Tower sshd[10887]: Failed password for invalid user user from 91.224.161.54 port 42267 ssh2 May 19 04:45:08 Tower sshd[10887]: Failed password for invalid user user from 91.224.161.54 port 42267 ssh2 May 19 04:45:08 Tower sshd[10887]: Failed password for invalid user user from 91.224.161.54 port 42267 ssh2 May 19 04:45:10 Tower sshd[10887]: Received disconnect from 91.224.161.54: 11: [preauth] May 19 04:45:10 Tower sshd[10887]: Disconnected from 91.224.161.54 [preauth] May 19 04:45:11 Tower sshd[10900]: Invalid user manager from 91.224.161.54 May 19 04:45:11 Tower sshd[10900]: input_userauth_request: invalid user manager [preauth] May 19 04:45:11 Tower sshd[10900]: error: Could not get shadow information for NOUSER May 19 04:45:11 Tower sshd[10900]: Failed password for invalid user manager from 91.224.161.54 port 40063 ssh2 May 19 04:45:13 Tower sshd[10900]: Received disconnect from 91.224.161.54: 11: [preauth] May 19 04:45:13 Tower sshd[10900]: Disconnected from 91.224.161.54 [preauth] May 19 04:45:15 Tower sshd[10912]: Invalid user ubnt from 91.224.161.54 May 19 04:45:15 Tower sshd[10912]: input_userauth_request: invalid user ubnt [preauth] And its happening every 2 seconds. Like I said, pull the plug on your modem until you get an idea of what's going on. Only a matter of time before your password is cracked via brute force. And you don't know right now if the same thing is happening to all of your other devices. You've either got the server sitting in your router's DMZ, the router's firewall disabled for some reason, or have forwarded a bunch of ports that you shouldn't be to the server in the router. Quote Link to comment
CHBMB Posted May 20, 2016 Share Posted May 20, 2016 I second this. You're being hacked.... Quote Link to comment
Joey19990 Posted May 20, 2016 Author Share Posted May 20, 2016 I see... That IP address is from the Netherlands. I'm nowhere near there at all. So I guess you guys are right. I haven't unplugged my modem, but I did remove the server from the DMZ, and turn off port forwarding. I was only forwarding port 32400 for plex on the server. I have no other DMZs or ports forwarded. What do I need to do before I can reconnect my server to the internet again? I need to be able to stream over the internet. Thanks for the heads up though. Quote Link to comment
Squid Posted May 20, 2016 Share Posted May 20, 2016 I see... That IP address is from the Netherlands. I'm nowhere near there at all. So I guess you guys are right. I haven't unplugged my modem, but I did remove the server from the DMZ, and turn off port forwarding. I was only forwarding port 32400 for plex on the server. I have no other DMZs or ports forwarded. What do I need to do before I can reconnect my server to the internet again? I need to be able to stream over the internet. Thanks for the heads up though. Getting it out of the DMZ should be sufficient. Forwarding the port for plex is ok. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.