Hack the D-Link DNS-323 to get an array of Linux server options

Vincent Danen tells you how the D-Link DNS-323 NAS box can be hacked with a set of scripts to become a full-fledged Linux server. See the options that are available for you to customize on this very affordable device.

There are a number of products currently available aimed to meet home storage needs. Rather than purchasing an entire computer to act as a file sever, these NAS (Network Attached Storage) devices are cheap, and you can typically stuff them in a corner and forget about them, using them to store backups or files that you want to share with other systems. They can be used to share files with those outside of the home network, or strictly for those inside.

One such device is the D-Link DNS-323, a two-bay NAS system that runs Linux. It is a small box, but large enough to store two 3.5" SATA drives, so it can be stored nearly anywhere. By itself, the DNS-323 has a web-based administrative console, has multiple disk options (JBOD, RAID0, RAID1, or individual disks), gigabit Ethernet, allows for SMB (Windows file sharing) and FTP access. It has one USB port for a printer to allow it to be a print server as well, and it can also be an iTunes media server out of the box. All of this is available for roughly $200.

For the average user, this is great as-is. For the tinkerer, you should have zeroed in on the fact that the DNS-323 runs Linux, which makes this tiny little box a whole lot more compelling. If it runs Linux, then it can also run other server-related software that runs on Linux, and it should be infinitely customizable. The good news is that it is — and it's easy to set up. It has also spawned a little community of hackers that have customized the DNS-323 to be a full-fledged Linux server, to provide NFS sharing, to be a web server with full PHP support, an rsync server, a subversion server, a BitTorrent server, and more.

The tool that is used to hack the DNS-323 is a set of scripts called fun-plug. As of this writing, the latest version is 0.5 and it is a snap to install.

To begin, mount the Volume_1 share from the DNS-323 via SMB. Then go to the directory where you have mounted it on your local system and download the required fun-plug files:

$ cd /Volumes/Volume_1/
$ curl -OL
$ curl -OL

Once these are stored in the root directory of the Volume_1/ share, unmount the SMB share and reboot the DNS-323 via the web console. Once it has rebooted, the fun-plug scripts will start, will have extracted the fun-plug tarball and all the tools and scripts it contains, and will have started a telnet server on the DNS-323 that can be used to log in as root.

$ telnet [IP address of DNS-323]

You will be logged in as the root user without a password. Make sure the DNS-323 is not accessible via the Internet right now! We will setup SSH access and turn off the insecure telnet shortly. The next step is to set up the root account with a password. A few steps need to be taken here to ensure the password is set correctly and that it is written to firmware:

# pwconv
# passwd
# usermod -s /ffp/bin/sh root
# login

The login command that is last in the above output is used to make sure the password settings work. If they do, and you are able to login as root with your defined password, exit the session by typing exit; you should still be logged into the DNS-323 as root. Next, save the password settings to flash memory:


Next, we want to enable SSH access to the DNS-323. You will want to test that it works prior to disabling telnet. To set up SSH, execute the following as root on the DNS-323:

# cd /mnt/HD_a2/ffp/start
# sh start

From another terminal on the local system, try to ssh into the DNS-323 as root. If it works, we can enable SSH and disable telnet, by executing the following in the /mnt/HD_a2/ffp/start directory:

# chmod a+x
# chmod a-x

If you're paranoid, you may want to reboot the DNS-323 after enabling sshd to start at boot and before disabling telnetd. Once you know that SSH works when the DNS-323 has rebooted, then you should disable telnet.

Now you can hack around further. While I used the SMB access to the DNS-323, I would rather use NFS. This became available once fun-plug was installed; all it needs is to be enabled and configured.

To set up NFS, create the /ffp/etc/exports file with the following contents (customized to your IP address range):


And then enable nfsd, in the same way that sshd was enabled:

# cd /mnt/HD_a2/ffp/start
# sh start
# chmod a+x

You don't need to restart the DNS-323 to make sure it works. From another system on the network you can mount dns-323:/mnt/HD_a2 (if "dns-323" was the hostname of the DNS-323 box) and you should be able to access the contents of the NAS directly with full read/write access.

The options here are endless. The DNS-323 isn't the fastest system in the world, but it does run Linux and it can do certain tasks extremely well. The fun-scripts package comes with a number of useful tools out of the box, and there are many others to be had. As well, using the fun-scripts gives you complete control over the DNS-323, unlike the web control panel which, while quite thorough, is still limited. For $200, this may be one of the cheapest Linux file servers to be had, and is certainly a bargain.


Vincent Danen works on the Red Hat Security Response Team and lives in Canada. He has been writing about and developing on Linux for over 10 years and is a veteran Mac user.

Editor's Picks