Networking

Hack the D-Link DNS-323 to get an array of Linux server options

Vincent Danen tells you how the D-Link DNS-323 NAS box can be hacked with a set of scripts to become a full-fledged Linux server. See the options that are available for you to customize on this very affordable device.

There are a number of products currently available aimed to meet home storage needs. Rather than purchasing an entire computer to act as a file sever, these NAS (Network Attached Storage) devices are cheap, and you can typically stuff them in a corner and forget about them, using them to store backups or files that you want to share with other systems. They can be used to share files with those outside of the home network, or strictly for those inside.

One such device is the D-Link DNS-323, a two-bay NAS system that runs Linux. It is a small box, but large enough to store two 3.5" SATA drives, so it can be stored nearly anywhere. By itself, the DNS-323 has a web-based administrative console, has multiple disk options (JBOD, RAID0, RAID1, or individual disks), gigabit Ethernet, allows for SMB (Windows file sharing) and FTP access. It has one USB port for a printer to allow it to be a print server as well, and it can also be an iTunes media server out of the box. All of this is available for roughly $200.

For the average user, this is great as-is. For the tinkerer, you should have zeroed in on the fact that the DNS-323 runs Linux, which makes this tiny little box a whole lot more compelling. If it runs Linux, then it can also run other server-related software that runs on Linux, and it should be infinitely customizable. The good news is that it is -- and it's easy to set up. It has also spawned a little community of hackers that have customized the DNS-323 to be a full-fledged Linux server, to provide NFS sharing, to be a web server with full PHP support, an rsync server, a subversion server, a BitTorrent server, and more.

The tool that is used to hack the DNS-323 is a set of scripts called fun-plug. As of this writing, the latest version is 0.5 and it is a snap to install.

To begin, mount the Volume_1 share from the DNS-323 via SMB. Then go to the directory where you have mounted it on your local system and download the required fun-plug files:

$ cd /Volumes/Volume_1/
$ curl -OL http://www.inreto.de/dns323/fun-plug/0.5/fun_plug
$ curl -OL http://www.inreto.de/dns323/fun-plug/0.5/fun_plug.tgz

Once these are stored in the root directory of the Volume_1/ share, unmount the SMB share and reboot the DNS-323 via the web console. Once it has rebooted, the fun-plug scripts will start, will have extracted the fun-plug tarball and all the tools and scripts it contains, and will have started a telnet server on the DNS-323 that can be used to log in as root.

$ telnet [IP address of DNS-323]

You will be logged in as the root user without a password. Make sure the DNS-323 is not accessible via the Internet right now! We will setup SSH access and turn off the insecure telnet shortly. The next step is to set up the root account with a password. A few steps need to be taken here to ensure the password is set correctly and that it is written to firmware:

# pwconv
# passwd
# usermod -s /ffp/bin/sh root
# login

The login command that is last in the above output is used to make sure the password settings work. If they do, and you are able to login as root with your defined password, exit the session by typing exit; you should still be logged into the DNS-323 as root. Next, save the password settings to flash memory:

# store-passwd.sh

Next, we want to enable SSH access to the DNS-323. You will want to test that it works prior to disabling telnet. To set up SSH, execute the following as root on the DNS-323:

# cd /mnt/HD_a2/ffp/start
# sh sshd.sh start

From another terminal on the local system, try to ssh into the DNS-323 as root. If it works, we can enable SSH and disable telnet, by executing the following in the /mnt/HD_a2/ffp/start directory:

# chmod a+x sshd.sh
# chmod a-x telnetd.sh

If you're paranoid, you may want to reboot the DNS-323 after enabling sshd to start at boot and before disabling telnetd. Once you know that SSH works when the DNS-323 has rebooted, then you should disable telnet.

Now you can hack around further. While I used the SMB access to the DNS-323, I would rather use NFS. This became available once fun-plug was installed; all it needs is to be enabled and configured.

To set up NFS, create the /ffp/etc/exports file with the following contents (customized to your IP address range):

"/mnt/HD_a2" 192.168.1.0/255.255.255.0(rw,root_squash,sync,no_wdelay,insecure_locks,no_subtree_check)

And then enable nfsd, in the same way that sshd was enabled:

# cd /mnt/HD_a2/ffp/start
# sh nfsd.sh start
# chmod a+x nfsd.sh

You don't need to restart the DNS-323 to make sure it works. From another system on the network you can mount dns-323:/mnt/HD_a2 (if "dns-323" was the hostname of the DNS-323 box) and you should be able to access the contents of the NAS directly with full read/write access.

The options here are endless. The DNS-323 isn't the fastest system in the world, but it does run Linux and it can do certain tasks extremely well. The fun-scripts package comes with a number of useful tools out of the box, and there are many others to be had. As well, using the fun-scripts gives you complete control over the DNS-323, unlike the web control panel which, while quite thorough, is still limited. For $200, this may be one of the cheapest Linux file servers to be had, and is certainly a bargain.

About

Vincent Danen works on the Red Hat Security Response Team and lives in Canada. He has been writing about and developing on Linux for over 10 years and is a veteran Mac user.

10 comments
dave
dave

Do the same hackable/addable features apply to the 4 bay 343?

wizardb
wizardb

Why waste time and money FreeNas lets you use you old out of date comps to setup an awesome file server, torrent ,streaming audio and video machine.

rcdavis
rcdavis

If this thing is a Linux box then why not use SFTP instead? Is there a hack to install a SFTP server?

colinkhalid
colinkhalid

The DNS 320 is an updated version on the DNS 323, (more memory and faster CPU). It also can be hacked. However some of the features that are hacks on the 323 are a standard features on the 320

jpgeek5704
jpgeek5704

Nice, but the Seagate FreeAgent Dockstar has the same capability built in. This is a device that can support 3 direct connect USB devices and looks like a NAS on your home network. It also has a web interface that allows you to share files with the internet. It is a Linux OS and has sshd running at startup so you can ssh to the device and hack away. I haven't done much hacking yet but plan too. I also have two O???Play media devices that runs Linux and telentd which I have hacked to mount other devices on the network.

gh0988
gh0988

Dave said: Do the same hackable/addable features apply to the 4 bay 343? I would assume so. I am planning to do the same on a DNS-343, and I will report.

colinkhalid
colinkhalid

Very true I used to run a FreeNas Server and probably will again. I was only the power consumption / size that made me try the DNS 320

Ganjaman
Ganjaman

One of the problems I have is that the 323 does not allow you to create your UID & GID - it just defaults to 500, 501 etc. Can the UID/GID be slected by the user or thats too much to hope for?

Ganjaman
Ganjaman

The 323 is based on a Marvell 88F5181 clocked at 400MHz, with a separate SATA controller Marvell 88X7042 chip. Technically - the newer 321 has that capability built-in the Marvell 88F5182-A2 @500 MHz but with no USB or print server. You will therefore be able to apply the same hacks to this device. (source: smallnetbuilder.com)