How to make Synology Reachable on LAN Only
I lately had a dilemma: what is the silver bullet to stop this problem from happening?
DMZ is the solution
I have already disabled the admin account and changed the SSH port. The brute force attack has since diminished but is not gone away.
I need SSH enabled because I work with Docker.
The root cause was that I had whitelisted the IP address of the Synology on my router DMZ in order to reach it from outside my LAN:
Once I turned that on my Synology was reachable only from within my LAN network.
And now yes, I can still use SSH to connect to Docker and other VMs but only within the LAN.
The brute force attack are gone for good.