Troubleshooting Q&A - August 26, 2004
Will Adding NAS Attract Worms and Viruses?
Network attached storage is a good option if you work with large amounts of data. We look at ways to keep that data flowing but the viruses at bay. Plus, how to configure your router for online games and voice chat.
By Ron Pacchiano
Q. I work at a small architectural firm. We deal with an enormous amount of files and are constantly running out of storage space. For this reason, I have been considering upgrading our server's hard drive. I'm a bit apprehensive, though, since this is such a huge job and the potential for problems is high. As an alternative, I started looking into a replacement server. The cost of a new server though is extremely high and, unfortunately, it's just not in the budget right now.
As an alternative, I'm considering purchasing a low-cost NAS (Network Attached Storage) device. This would solve my immediate problem and buy me some time until the budget could handle the expense of a new server. The only concern I have with this solution is that after reading several reviews on these products, few vendors seem to address the issue of virus and worm protection. Do you have any suggestions that might help quell my fears about this issue? Any information on this matter will be appreciated. Thanks.
A. Surprisingly, in our research on NAS devices from various vendors, we found little mention of anti-virus support, even in high-end products. Viruses and worms vary greatly in their behavior, and there is no question that NAS devices can be vulnerable to their effects. Chances are that a low-cost NAS device will not have any kind of native anti-virus support.
We learned this lesson about a year ago when the dreaded Nimda worm made its rounds. We had deployed a NAS device to host the home directories of individual users, and each user had their home folder mapped as their Z: drive. Like many worms, Nimda copied itself to any drive it found, and thus the NAS device became infected.
If you are dealing with a NAS device that lacks integrated anti-virus support, a quick-and-dirty way to guard against viruses would be to make sure that you include any mapped drives when configuring anti-virus scans on the client side. Better still, if you are using a centralized server-based anti-virus product, you can configure it to regularly scan the entire NAS device, either by mapping the root folder as a drive letter or by creating an administrative share, and then including one or the other in your daily scan. Another option is to use a command line anti-virus scanner (Symantec offers one), which may provide more flexibility and also supports Unix and Linux operating systems, on which many NAS devices, particularly the lower-cost models, are based.
Unfortunately, none of these options will give you real-time virus protection, but regular scans will prevent virus-laden files from stowing away on your NAS device and possibly re-emerging later on.
Another option is a product from anti-virus software provider Trend Micro. ServerProtect provides anti-virus scanning for network appliance files detecting and removing viruses from files and compressed files in real time before they reach the end user. Administrators can use a Windows-based console for centralized management of virus outbreaks, virus scanning, virus pattern file updates, notifications and remote installation. If your going to invest in a NAS device and aren't comfortable with the passive protection that comes with just scanning a mapped drive, than Trend Micro's ServerProtect product could be just what your looking for. You can find out more about it here.
Q. I have a cable modem connection and I use Hotmail to communicate with a friend in another city via voice chat while playing online games. Everything works fine when my computer is connected directly to the cable modem, but when I try to do it through my NetGear router, neither the games nor the chat will work. Can you help me with this problem?
A. Your problem seems to be a relatively straightforward one. When your computer is connected directly to your cable modem, traffic flows unfettered between your computer and your friend's, allowing you to play online games and engage in voice chat. Put the router into the equation, though, and some or all of the traffic that support these capabilities is being blocked by default, so they no longer work.
What you need to do to resolve this problem is determine which ports are required by the features you are using, and configure your router's port mapping feature to forward those ports to your machine. (Your friend, incidentally, will probably need to so the very same thing on his or her end.)
The ports necessary for online gaming will depend what game you are playing or what online gaming service you are using. This information should be provided in the documentation and/or on the Web site.
You also said you were using Hotmail to conduct voice chats with your friend. I assume you meant Windows Messenger, of which Hotmail is the e-mail component. As it turns out, configuring a firewall to support the advanced features of Windows Messenger can be difficult (it uses a lot of dynamically assigned ports) and depending the equipment you and your friend have, it may not even be possible. Microsoft offers a lot of technically detailed information regarding how to configure firewalls and router NAT (Network Address Translation) devices to work best with Windows Messenger.
Microsoft recommends UPnP (Universal Plug and Play) compatible routers in order to use all of Windows Messenger's features. (They're better able to manage the constantly changing port mappings that are needed.) You may want to consider getting a router that supports UPnP, or checking to see if your (and your friend's) current router can be upgraded to support it.
A quick and easy way to accomplish the connectivity you want would to be to put your computer into the router's DMZ (demilitarized zone), which would let the router pass any traffic it encountered to your PC. However, this is not advisable (nor is keeping your PC connected directly to your cable modem, for that matter), because it will leave the computer vulnerable to attack.