For the last few days I’ve been getting failed login attempts with the following message:
Failed to log in via user account “admin”. Source IP address: 127.0.0.1
I read elsewhere online that running Security Counsellor refreshes a security token, but I don’t have Security Counsellor installed and when I checked available apps for my NAS it wasn’t in the list of available/supported apps.
I was able to install Security Center and I ran a scan, but the failed logins continue to happen a few times a day.
The NAS isn’t external facing and the login attempt is coming from the loopback IP address, so I guess it’s something on the NAS trying to login to perform some task or other, but I have no idea what’s causing it or how to fix it.
If anyone can suggest a fix I’d appreciate it.
Thanks
The admin account isn’t disabled. I’m only using the NAS as a media server and to act as a home directory for scanned documents etc. Also, it isn’t external facing and I’m the only user on my network, so I never bothered to disable the admin acct.
I have the following apps installed:
ClamAV, CodexPack, Container Station, File Station 5, HBS 3 Hybrid Backup Sync, Helpdesk 3.3.4, License Center 1.9.51, Malware Remover 6.6.5, Media Streaming add-on, Multimedia Console 2.8.0, myQNAPcloud 1.1.75, myQNAPclound Link 2.4.63, Network & Virtual Switch, Notification Center, Plex Media Server 1.30.0, Qboost 1.6.3, QNAP AI Core 3.5.0, Qsirch 5.6.2, QTS SSL Certificate, QuLog Center 1.8.1.898, Resource Monitor 1.2.0, Security Center 3.0.3.3481, SMB Service 4.15.003, SSD Profiling Tool 1.0.3047, Video Station 5.8.2
This problem started a few days ago. I’ve haven’t installed anything new for months and I hadn’t updated any of the apps for about the same amount of time (although I’ve updated them all now in case this fixed the issue I’m having - which it didn’t)
There have been no password changes recently.
The timing of the failed logins: It happens a few times per day. The last few were:
Two, last night at 22:47:08 and 22:47:11, then today there was one at 9:01am this morning and then another two at 13:20 and 13:21 this afternoon.
I didn’t have Security Center installed when this problem first started, so I’m not sure it’s the problem. I only have it installed now because I read a post elsewhere saying the failed login was because Security Consultant needed a token refreshed (or something similar) and starting the app and then exiting would do the trick. Security “Consultant” isn’t available for the 453A, but Security Center was, so I installed it, ran scans etc but the problem still persists.
Ok - I stopped HBS3, and the failed logins are still happening.
On the 28th:
1 at 13:35
7 between 16:30 and 16:34
On the 29th:
1 at 15:54
1 at 16:41
1 at 17:32
It’s also worth noting that when HBS3 was enabled, the various sync and backup jobs I have configured were all working just fine.
I know I have seen Security Advisor and/or Security Counselor apps, but neither exists in the web UI now. Based on posts elsewhere I ran the uninstaller: