On 08/05/2018 08:22, The Natural Philosopher wrote:
>
> On 07/05/18 23:12, Roger Mills wrote:
>>
>> Seagate provided a facility whereby you could log on at
>>
access.seagate.com and access the files on your NAS. ...
>> ... They have taken down their server, and withdrawn
>> support for the Tappin app on portable devices.
Yes, it seems like it really has gone already:
C:\TEMP>ping
access.seagate.com
Pinging
seagateaccess.tappin.com [208.89.184.225] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for
208.89.184.225:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
>> They apologise for any
>> inconvenience caused(!) and assure me that my data is quite safe - but
>> can only be accessed from within my own network.
So, as others have suggested, you need think about how to gain access
across your own router.
>> My router supports Game and Application Sharing - which permits me
>> (for example) to associate a PPTP server with my Seagate NAS so that -
>> in theory - anything coming in on port 1723 goes to the NAS. Problem
>> is that all such connects are refused!
Probably need to open up the firewall on the NAS as well as the one on
the router.
>> If I log on to the NAS's web interface, it offers me 'Services' of
>> "Remote Access", "Seagate Media", "DLNA" and "iTunes". The first two
>> of these are no longer supported and the last two only work on the
>> same LAN as the NAS.
So you're going to have to hack into the NAS, which means that probably
you'd've done better to post to a Linux NG, but see some suggestions
below anyway.
>> I've no idea what OS the NAS uses - probably some flavour of
>> Unix/Linux
Almost certainly an embedded version of Linux.
>> but it's pretty thoroughly locked down with no ready
>> access to it.
Apparently at one time not securely locked down at all:
https://www.slashgear.com/seagate-nas-drives-can-be-hacked-through-simple-telnet-hole-08402370/
Oh dear! For starters, try telnet from the relative security of your
own LAN!
>> I *can* FTP to the NAS but that doesn't seem to allow me
>> to do much.
>
> Obviously there is a way in, but its not well advertised.
Yes, apparently use telnet!
> It the tappin crap was supposed to work behind a firewall with no
> especial configuration, that strongly implies that the NAS istself sets
> up and maintains a permanent connection to some seagate cloud.
>
> Bit like skype does
Possibly, but that can be disabled now, if the OP can get into the box.
> Now if that is the case you wont be able to use that partucular backdoor.
Unless he subverts it in some way.
> I would try scanning the NAS ports to see which are active.
>
> My guess is that ssh might be open. If its bog standard linux on the
> NAS. Try using PUTTY to connect to it. If that works you can use sftp
> and its chums if you redirect port 22 to the NAS.
Given that telnet may be able to gain access, I would advise starting
with that.
> It is not beyond the bounds of reason either to set up port redirection
> for SMB services on the router so you can actually mount the NAS across
> the internet. TCP ports 139 and 445 and UDP ports 137 and 138 should be
> redirected to the NAS box.
Why would he need Samba/SMB? He makes no specific mention of Windows
devices requiring remote access, only media files, so presumably a
mobile or a tablet, Mac or Android, which are both Linux.
> Obviously you wont be able to 'scan' for the NAS across the internet, so
> you will have to know ip address and tell whatever shite MS uses to
> display shares *for that server*. Or better still use NET USE to mount
> the device as a drive etc
No, no! He doesn't seem to need this at all. NET USE is a (very old
legacy) Windows command to mount a network share as a drive letter.
These days, he wouldn't even need this to connect from a Windows
machine. W9x or older used it, but since 2K+, in fact I suspect even
NT3+, Windows PCs have been able to connect directly using the protocol:
\\Server\Share
> It's not very secure though, but I myself have done this years ago as
> proof of concept.
I suspect the way forward is to tunnel, but, although I understand the
principles involved, I'm not familiar with the practicalities of this.
Back to the OP:
There are two stages involved in customising/hacking such devices:
1) Gaining access, it sounds as though telnet might work, so try that
first, but failing that, see the next link below.
2) Finding a workable method of subverting the boot process to apply
the desired customisations.
Others already may have done some or all of this work for you. I
haven't read the following, but the equivalent Zyxel section was very
helpful to me:
http://www.nas-central.org/wiki/Seagate_Central
Although the following apply to different devices, if you want brief
descriptions of how the above two stages are attained in practice,
together with some example scripts, see also:
http://www.macfh.co.uk/Test/QNAPNMP1000.html
http://www.macfh.co.uk/Test/ZyxelNSA221.html
Also, although it's probably a bit late for you, for future reference,
the moment I buy anything like this I go online and download and save
locally everything related to it that there is the remotest possibility
that I could ever need - PDF Manuals, firmware upgrades, instructions
for hacking into, files required to do so, etc, etc. Here are some
links to things that might still prove useful to you:
Manual:
https://www.manualsearcher.com/seagate/central-srn01c/manual
https://www.seagate.com/files/www-content/support-content/external-products/seagate-central/en-us/seagate-central-user-guide-us.pdf
http://knowledge.seagate.com/articles/en_US/FAQ/005532en
The above from:
https://duckduckgo.com/?t=palemoon&q=Seagate+SRN01C+NAS