I have my QNAPs locked down in System Administration > Security > Security Level to High where only my internal network was allowed to access the QNAP. Then I received an access violation email and an external IP trying to access it via Port 1900 (deals with UPnP service). This caused me to be concerned so I went through my firewall and blocked some rouge IPs and turned the UPnP service off on the QNAP. After I did that, I went ahead and limited the access to the QNAP so that only administrator workstations and servers could access the QNAP instead of allowing the whole network.
Now I receive access violations from IPs on my own LAN on port 139 (NetBIOS). No machines need to have access to the QNAP as they are used as backup devices via iSCSI connections. I'm not sure what to make of this. It comes from random machine at random times. I talk to users and they have no knowledge of anything about it. Is this something I should be worried about? I just worry that a hacker is using NetBIOS and trying to gain access. Any ideas or experience on the issue is much appreciated.