Synology is one of the best and most reliable NAS brands I have used so far -- OK, mostly because of its user experience and gorgeous UI. However, 2014 was an embarrassing year for Synology because of its security vulnerabilities. One of them was targeted by hackers, and the affected system would then be hijacked as a Bitcoin miner. The symptoms of an infected system include (not an exhaustive list):
- Slow response and occasional disconnections.
- Unable to upgrade DSM. You always read "Your DSM version is up-to-date." when checking the system version, even when you know there's a new one already. And you can't upgrade it manually.
- Unable to log in to the admin interface from time to time.
- When connecting via SSH, the shell shows an error message like: "ERROR: ld.so: object '/lolz/jynx2.so' from LD_PRELOAD cannot be preloaded: ignored." There might be error messages whenever you type a Linux command -- evidence of having been hijacked.
There are several ways to solve the problem. One thing for sure is that it's nearly impossible to remove the malware because of its complexity. Most of the solutions bypass the prying eyes of the malware and re-install DSM, such as: swapping in clean new HDDs to force a re-install of the latest DSM and then putting the original HDDs back (if you forget the order of the HDDs... ouch!), or resetting the NAS to factory configuration to re-install DSM, which loses most of your settings (enjoy the feeling of owning a new machine... ouch! BTW, the data would be safe). Desperate cures for desperate diseases.
Fortunately I've found a thread (http://forum.synology.com/enu/viewtopic.php?f=7&t=83325) with tons of valuable information and a relatively simple solution. We need to use the glorious command line interface (CLI) to save your NAS.
Sign in to your Synology NAS via SSH as root (use the same password as admin):
$ ssh root@xxx.xxx.xxx.xxx
You may still see the error message. Don't worry about it. Now make sure you are in the home directory of root:
$ cd
Rename the .profile, adjust its permission, then log out:
$ mv .profile .profile_bak
$ chmod a+w .profile_bak
$ exit
Log back in to the NAS via SSH. The error message should be gone:
$ ssh root@xxx.xxx.xxx.xxx
Edit the renamed .profile using vi. If you're not familiar with vi, check the basic Linux vi editor commands on the Synology Forum:
$ vi .profile_bak
Remove all lines containing jynx2.so (marked in red), and clean up the PATH setting. For example:
export LD_PRELOAD=/PWNED/jynx2.so
export PATH=/opt/bin:/opt/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/syno/sbin:/usr/syno/bin:/usr/local/sbin:/usr/local/bin
export LD_PRELOAD=/PWNED/jynx2.so
export PATH=/opt/bin:/opt/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/syno/sbin:/usr/syno/bin:/usr/local/sbin:/usr/local/bin
export LD_PRELOAD=/lolz/jynx2.so
export PATH=/opt/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/syno/sbin:/usr/syno/bin:/usr/local/sbin:/usr/local/bin
After cleaning, it looks like this:
export PATH=/opt/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/syno/sbin:/usr/syno/bin:/usr/local/sbin:/usr/local/bin
Save the file. Rename it back to .profile and restore its permissions. Log out.
$ mv .profile_bak .profile
$ chmod go-w .profile
$ exit
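The vi edit above can also be checked with a short script. This is an added example, not part of the original post or the forum thread: it counts the LD_PRELOAD lines in a profile and prints a cleaned copy. The function names and the umask line in the sample are assumptions.

```shell
# Added example, not from the original post: audit and clean a profile that
# carries injected LD_PRELOAD lines like the ones quoted above.

# Constructed sample: the infected lines quoted in the post, plus one
# unrelated line (umask, assumed) to show that other content survives.
sample_profile() {
    cat <<'EOF'
umask 022
export LD_PRELOAD=/PWNED/jynx2.so
export PATH=/opt/bin:/opt/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/syno/sbin:/usr/syno/bin:/usr/local/sbin:/usr/local/bin
export LD_PRELOAD=/PWNED/jynx2.so
export PATH=/opt/bin:/opt/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/syno/sbin:/usr/syno/bin:/usr/local/sbin:/usr/local/bin
export LD_PRELOAD=/lolz/jynx2.so
export PATH=/opt/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/syno/sbin:/usr/syno/bin:/usr/local/sbin:/usr/local/bin
EOF
}

# Count lines in file $1 that assign LD_PRELOAD (0 means clean).
count_preload() {
    grep -cE '^[[:space:]]*(export[[:space:]]+)?LD_PRELOAD=' "$1" || true
}

# Print a cleaned copy of file $1: drop LD_PRELOAD assignments, remove duplicate
# and empty PATH entries (empty means "current directory"), print each PATH once.
clean_profile() {
    awk '
    /^[ \t]*(export[ \t]+)?LD_PRELOAD=/ { next }
    /^[ \t]*export[ \t]+PATH=/ {
        sub(/^[ \t]*export[ \t]+PATH=/, "")
        n = split($0, dirs, ":"); path = ""; split("", seen)
        for (i = 1; i <= n; i++)
            if (dirs[i] != "" && !(dirs[i] in seen)) {
                seen[dirs[i]] = 1
                path = (path == "" ? dirs[i] : path ":" dirs[i])
            }
        line = "export PATH=" path
        if (!(line in printed)) { printed[line] = 1; print line }
        next
    }
    { print }
    ' "$1"
}

# Demo on the constructed sample; on the NAS, point it at .profile_bak instead.
demo=$(mktemp -d); sample_profile > "$demo/profile_bak"
echo "before: $(count_preload "$demo/profile_bak") LD_PRELOAD lines"
clean_profile "$demo/profile_bak" | tee "$demo/profile_clean"
echo "after: $(count_preload "$demo/profile_clean") LD_PRELOAD lines"
```

Review the cleaned copy before moving it into place as .profile; the script only handles the LD_PRELOAD and PATH lines described in this post.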
Log back in to your NAS via SSH. Now everything should be back to normal, and you're ready to upgrade your DSM manually -- in real manual style.
$ ssh root@xxx.xxx.xxx.xxx
Download the latest DSM system for this particular model of NAS (and save in the directory /volume1/@autoupdate):
$ synoupgrade --fetch-all
You may confirm the downloaded file is in the right place:
$ ls /volume1/@autoupdate
Start upgrading the system:
$ synoupgrade --patch /volume1/@autoupdate/DSM_DSxxxx_xxxx.pat
The system will reboot after the upgrade is completed. You may enjoy the beautiful GUI of DSM 5.x now.
Wait! Let's make sure everything is happy and safe. Please follow the instructions in the Security Advisor wizard (a new feature in DSM 5.1) to tweak your system for better security (Main menu > Security Advisor). Recommended settings:
- Force stronger passwords for all users, especially the admin (Control Panel > User > Advanced tab > Apply password strength rules).
- Change the default port numbers for SSH, Telnet (Control Panel > Terminal & SNMP > Terminal tab) and FTP (Control Panel > File services > FTP tab) if you use them.
- Change the default port number for DSM interface (Control Panel > Network > DSM Settings).
- Enable automatic update for DSM (Control Panel > Update & Restore > DSM Update > Update Settings).