Security Concerns?

Need help with FileZilla Client? Something does not work as expected? In this forum you may find an answer.

Moderator: Project members

Post Reply
Message
Author
Quackstar
500 Syntax error
Posts: 14
Joined: 2008-03-09 05:33

Security Concerns?

#1 Post by Quackstar » 2008-08-20 21:49

Ok, i'm tring to install an ftp server on a computer inside of a network, but the network person is concerned about security. He wants proof that other computers are going to be safe.

Here's my setup:
-Behind a router
-No account called administrator (stops 99% of ftp hack bots)
-Autoban on 6 attempts, bans for 999 hours
-Annonymus account removed
-New account has both numbers and letters and is 7+ chars
-Norton antivirus on computer with server, Kaspery (sp) on the rest (both have some kind of firewall)
-Only linking to two HD's on computer
-Tring to find a way to limit number of incoming connections, attempting to prevent a dos attack.

The network person is concerned that user can gain access to other computers on the network. My understanding was that thiers no way to get to it, because a) all links to folders or network shares are .ink's, and are downloaded, not redirected to destination folder. Can someone confirm this?

What other security risks are involved after i have used all the above settings? Can someone gain access to other computers on the network?
Top
User avatar
botg
Site Admin
Posts: 35650
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: Security Concerns?

#2 Post by botg » 2008-08-20 21:56

Autoban on 6 attempts, bans for 999 hours
Disable autoban, it is entirely useless. It causes more problem (> 0) than it solves (<= 0).
Norton antivirus on computer with server, Kaspery (sp) on the rest (both have some kind of firewall)
That'd be the biggest security holes. Both are known to contain several critical security vulnerabilities. And since they are proprietary closed source software, you can't trust them at all. Could as well give a crack addict the key to your vault and tell him he'll get 5 dollars if he guards it until you return.
Tring to find a way to limit number of incoming connections, attempting to prevent a dos attack.
It is impossible to prevent DoS attacks. An dedicated attacker just floods you with so many packets that your connection will be 666% saturated, regardless on your configuration or if you even have any services running.
Top
Quackstar
500 Syntax error
Posts: 14
Joined: 2008-03-09 05:33

Re: Security Concerns?

#3 Post by Quackstar » 2008-08-20 22:08

Ok, but what can an outside user do? My main question is if they can gain access to other computers on the network?
Top
insightpcs
550 Permission denied
Posts: 29
Joined: 2007-02-18 17:01
Location: Nuneaton, UK

Re: Security Concerns?

#4 Post by insightpcs » 2008-08-20 23:53

its possible, but if the correct security measures are in place (i.e. firewalls etc) then its very unlikely to happen
Tyrone Westall, Insight Computer Consultants Webmaster
Top
User avatar
botg
Site Admin
Posts: 35650
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: Security Concerns?

#5 Post by botg » 2008-08-21 07:30

Firewalls? More snake oil.

As far as FileZilla Server is concerned, it is not possible to access any directory that is not explicitly shared. Feel free to do a full code review to verify my claim.
Top
Post Reply

Return to “FileZilla Client Support”