Today while I’m trying to strengthen mobile security by importing openvpn cert and keys into Android keychain, got some problem connecting… so I ps and see if openvpn server is actually running… I discovered that there is a openvpn client connected to a third party openvpn server. I was shocked.
openvpn –client –mute-replay-warnings –auth-nocache –nobind –tun-mtu 1400
–ping-exit 10 –connect-retry-max 3 –proto udp
–remap-usr1 SIGTERM –cipher none
–comp-lzo adaptive –reneg-sec 0 –verb 0
I might be hacked. I thought.
I write to synology support and asked for why and of course it took some days to get feedback…
I whois the server ip 188.8.131.52 and found that it is actually a Synology server.
I further investigate the route-up scripts and discovered that it is actually for the QuickConnect feature.
I turned off the QuickConnect immediately and the openvpn client no longer run.
If you like me don’t want your NAS box to be part of Synology network I’ll suggest not turn on the Quick Connect.
I’m waiting my HP N54L mini server to be shipped from Japan and then I’m going to further strengthen my home network security…