Ad
Ad
Ad
Pages: [1]   Bottom of Page
Print
Author Topic: OT - NAS and FTP Security  (Read 3879 times)
giles
Full Member
***
Offline Offline

Posts: 209


« on: March 26, 2005, 06:03:59 PM »
ReplyReply

Quote
If you can't tell, I'm kind of a newbie at networking.  My question is: is my home network and computers at risk from hackers if I leave port 21 open to the NAS FTP server?

More so than if the ports weren't open. But for someone to access your network they need to find your network (which someone typically will, via automated scans) and then use one of the following methods to access it:

1. guess your password

    Best defence against this is to pick a non-obvious password.

2. "sniff" your password by monitoring network traffic between you and your network while you're accessing it

    Technically that's easy for people in the "right" place (e.g. someone at your ISP, or staff at an Internet cafe that you're using) and hard for anyone else

3. exploit a defect in the software in your router or the NAS device itself to get access without a password at all

   Defence against this is to keep up to date with firmware/software updates for your equipment.  Tireseome, but prudent.

I would worry more about the PCs on your network than I would about the NAS device, however that doesn't mean there won't be an exploit against it tomorrow. :-(

FYI, the "secure" way to access equipment like that is to set up a virtual private network (VPN) that encrypts everything between your network and wherever you are, and use FTP via that VPN.  I don't think this is easy to do yet with purely Windows machines,  but I'm no Windows expert.  The USA's (and other countries') restrictions on export of encryption technology (now /mostly/ relaxed) has hurt the development of products in this area.

Regards,

Giles
Logged
dtrayers
Newbie
*
Offline Offline

Posts: 44


WWW
« Reply #1 on: March 26, 2005, 05:12:23 PM »
ReplyReply

I recently purchased a Buffalo NAS drive and I've set it up as an FTP server so I can access my photos while I travel as well as share them with my family.  I have a small wired network at home consisting of high speed cable internet access, a Netgear router, and WinXP computers for the wife and kids.  

I have to use the port forwarding feature of my router to access the FTP server on the Buffalo LinkStation.  It requires that port 20 and 21 be open all the time.  I do have fairly strong user logins and passwords (limited to 8 characters, though).  If I'm to believe Steve Gibson at www.grc.com, leaving any port open it like inviting a hacker to take over my network.

If you can't tell, I'm kind of a newbie at networking.  My question is: is my home network and computers at risk from hackers if I leave port 21 open to the NAS FTP server?

Thanks!
Logged

- Dave
Pages: [1]   Top of Page
Print
Jump to:  

Ad
Ad
Ad