Securing FTP Server??


I have been running my FTP server for a while now but I am curious as to if there is a way to stealth the open port without really closing it and blocking it. I have a virtual server set up in my router, well actually one for remote desktop and the other one for FTP, that way my router lets me get in. I have my server set up as a username and password in order to get in. If anybody has a lot of experience in servers I would appreciate the extra hand on making sure everything is secured.

Then again I don't know why a hacker would want to spend time on trying to get into my machine when there are so many other bigger targets.

I have been running my FTP server for a while now but I am curious as to if there is a way to stealth the open port without really closing it and blocking it.

Well a little info on FTP.. FTP is extremely insecure.. You are passing user name and password back and forth in plain text.. so if someone were to sniff your connection they would see the user name and password in clear text. So I would recommend not using FTP by itself.. You can get FTPS which runs over SSL or even better SFTP which is Secure FTP that uses SSH.. Depending on what platform you are running one may be easier to implement than the other..

As far as securing the host.. If you do decide to go with just straight FTP you are going to want to specify IP addresses or ranges of addresses that are allowed to use the server. This can be done in the configuration files, at least for Linux.. I know that in 2000 server and 2003 server you can specify users and IP ranges for those users..

The final step that I would take would be to implement a disk quota system.. This would prevent someone from dumping say 60 GB of porn or warez onto your machine and using it as a host..

Then again I don't know why a hacker would want to spend time on trying to get into my machine when there are so many other bigger targets.

That is what everyone thinks.. It will never happen to them..  That is exactly what the hackers look for.. It is your responsibility to secure your box..  Cause if your IP comes back as a host for an attack or illegal activity unless you can prove that the box was exploited via logs..

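As an added example (not written by any poster in this thread): a small Python audit of an FTP server's control-channel log that flags the two issues raised in the reply above, logins sent before a TLS upgrade and clients outside an allowed address range. The log format, function name, account, addresses and allowlist are constructed for illustration, and it covers explicit FTPS (`AUTH TLS`) only.

```python
import ipaddress


def audit_session(client_ip, log, allowed_cidrs):
    """Return a sorted list of findings for one FTP control session.

    log is a list of (direction, line) pairs: "C" is a client command,
    "S" is a server reply, in the order they were exchanged.
    """
    findings = set()
    addr = ipaddress.ip_address(client_ip)
    if not any(addr in ipaddress.ip_network(c) for c in allowed_cidrs):
        findings.add("source-not-allowlisted")

    tls_requested = tls_active = False
    for direction, line in log:
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if direction == "C":
            if verb == "AUTH" and arg.strip().upper() in ("TLS", "SSL"):
                tls_requested = True
            elif verb in ("USER", "PASS") and not tls_active:
                # Credentials crossed the network before any TLS upgrade.
                findings.add("cleartext-credentials")
        elif direction == "S" and tls_requested:
            # Reply 234 means the server accepted AUTH TLS (RFC 4217);
            # any other reply means the session stays unencrypted.
            tls_active = verb == "234"
            tls_requested = False
    return sorted(findings)


# Constructed sample data (documentation address ranges, made-up account).
ALLOWED = ["192.0.2.0/24"]
PLAIN = [("C", "USER alice"), ("S", "331 Password required"),
         ("C", "PASS example-password"), ("S", "230 Logged in")]
FTPS = [("C", "AUTH TLS"), ("S", "234 Proceed with negotiation")] + PLAIN
REFUSED = [("C", "AUTH TLS"), ("S", "502 Command not implemented")] + PLAIN

if __name__ == "__main__":
    for ip, log in [("203.0.113.7", PLAIN), ("192.0.2.10", FTPS),
                    ("192.0.2.11", REFUSED)]:
        print(ip, audit_session(ip, log, ALLOWED))
```

The third sample shows why the server reply matters: a client that asks for TLS and is refused still logs in with a cleartext password unless the server is configured to require the upgrade.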

Thanks for your advice. I am using XP Pro for my platform and running server software on top of that, which I beefed up the security on, going to enable the SSL.

If you want security get rid of Windows XP. Go to 2000 or 2003, they would be far more secure for running a server than XP.

Do you think a person should wait for Longhorn??? Since all my other platforms have Vista on them

That is not going to be till the end of 07, early 08 maybe ("we all know how the Vista schedule worked"). Windows "Vienna" aka "Seven" aka "7" might be out before Longhorn server.

You're on XP right now, which could be the worst server OS ever. It would be much better to go to 2000 or 2003. It would be much more secure and give you a ton more control.

I have never used 2000 server or 2003 server. If I do decide to make the switch then to 2003 server I am sure it's going to be a new world for me lol

You would be surprised how much it is like XP, minus the whole lack of security.. Most patches don't require a reboot and there are updates constantly depending on what you have running on your server.

That's cool. Oh and one thing since we're on the topic of security, how secure is it to connect to your server using remote desktop and logging in to do system changes from your wireless laptop in another location or even on another ISP network?

Server2003 is cool

yeah more secure but a lot more server functionality.

Did you bottom down on a type of FTP you are going to use and how easy it was to implement?

Never heard of the other more secure FTP stuff, wondering how you got on with it.

It was fairly simple to set up. I decided not to use IIS 5.1 that comes with XP Pro, I just decided to use a software server. It has a lot of features and the cool thing about it is that it will still run while the system is logged off, and if I do have a problem I can connect to the server and make system changes.
