 Bob asks, he says, I looked in my activity log on my Synology Disk Station and saw all kinds of IPs, listings of failed logins. And he says, is the NAS being targeted? Are people trying to hack in? He says, I went back a few months and there are thousands of similar entries. I think that I have my NAS protected correctly, but would love to have you cover that briefly on a show. Yeah. So, yes, your NAS is being targeted. People, Synology and QNAP and, you know, probably others, but certainly those two are popular network storage devices. And so people know that they could sniff around and they're popular devices that have common open ports, right? Unless you change all kinds of things on it, you're going to have ports five thousand or five thousand one open for login to your your stuff and and potentially others as well. Ten thousand three is another one. But but you want those open so that you can access your NAS from remote. Other people know this and they start banging on the door. This is one of the reasons that if you're running DSM seven on your disk station, which if you can, you should, it will tell you you should not have an account named admin as an active account. You should deactivate the admin account. And the reason for this is because that's only that's one of only two pieces that people would need to log into your disk station username and password. And admin is the default was the default username for all disk stations with full complete route access on it. So that's why they're telling you to turn that off because now you're leaving it to only one piece of information that people need to guess the password for your route, your admin user. This kind of stuff happens all the time on my units. I see it regularly. I highly recommend that we all go in to on our disk stations, go to control panel, security, protection and enable auto block. I've got mine set to block after ten failed login attempts after five minutes. And then I have mine expire after one day. And the reason I do that is just in case it's me. If I'm traveling and I screw up and try to log in and I lock myself out, I want to be able to get in at some point. So that's why I have it unblocked after one day. I don't know if I should be sharing that on a podcast listened to by two by tens of thousands of people. But we're the Mackey kept family here until we find a better term that John's working on with all of you. But we'll all still be the Mackey kept family. So I trust you folks. So, you know, I don't know, Pete, you had an interesting take on this, though, on auto. Yeah, and let me ask it before I go into my thing on that you what you have it block is only the IP address from whence it is coming, right? That's the only thing you can walk. That's so but it's so it's not blocking your account. So you if you're staying at the same place, you want to be able to get in tomorrow, that sort of thing. Correct. Correct. Yeah. So OK. And mine is my hotel's IP that's being blocked. I want that to unblock tomorrow so I can try again. That's OK. So so stupid question. Could you use a VPN? Yes, your IP address. OK, so of course, of course, of course, I get your work around. It is. So so that would then allow you to use my method, which is I think I don't think I have mine ever expired. I think once your IP address is blocked, it's blocked. And I also set it to like four failed attempts in like five hours. So interesting. And a time for five minutes is a lot of attempts. Four attempts of five hours is not a lot of attempts. And I use my one password in order to get. So I'm not worried about not getting in. OK, that's really smart. I'm going to go change mine right now while we're doing this. No, seriously, like this is this is a great idea. Yeah, why would I want to only block it in five minutes? I mean, if it happens in five minutes, it will also still be blocked because five minutes is is a subset of four hours. So yeah. Yeah. Yeah, I know. Yeah. Let's go with the longest. Sorry, hit the mic. Let's go with a longer time frame and we'll. Yeah. But catching more fish in that net, shall we say? Yeah. All right. So I've set mine to I'm going to set it to five login attempts within 300 minutes, which is five hours. There you go. Yeah. And then to put the other thing going back to another show recently, I have found and it could be purely anecdotal, but Dave, I'm using tail scale. OK, I find that my disk station seems much more responsive, much more. It's just faster. Am I wrong? I probably am. But it feels like it's just working faster. It almost feels like it's I'm on the same and I am on the same virtual network with it. Yeah. But it eliminates the whole login issue and all of that. Huh. I mean, you still have to log in. I think. Yeah, you're right. I do. Yep. Now that you mentioned it, I did have to log in. But but. And now I'm getting echoes after using tail scale. I don't know why. Yeah. I'm going to mute you while I talk here for a second just because I'm getting echoes from your scenario there, which is fine. Yeah, tail scale. Yeah, you wouldn't have to re log in constantly because your IP address of your client device, even as it moves around the world, stays exactly the same, just like the IP address of your disk station says the same. So it sees you as logging in from the same computer, which it is it's just cool because you're all over the world and it doesn't matter. That's where tail scales perfect at doing that. So I mean, whether it's faster or not, I don't I mean, tail scale uses WireGuard as at its core. WireGuard is a pretty efficient VPN, but yeah, I mean, I don't. I mean, it could be faster than whatever other VPN or authentication method you're using. Yeah, it may just be anecdotal, you know, and it probably was from whatever wherever I was that day. Yeah. Yeah. Yeah, I'm changing this on all of mine. So I'm going five attempts in 300 minutes on both of my publicly accessible disk station. So that is now done. I like this. That's really smart, man. Yeah. Why would I limit it to just five minutes? Because I mean, you know, if somebody tries that many times in five minutes, it's still going to get blocked. Even if it's if it's look ahead window or its look back window is five hours.