Unfortunately no one can be told what fun_plug is - you have to see it for yourself.
You are not logged in.
After attempting to setup the DNS-323 with Debian and the SFTP server, I have decided I'm not talented enough to do it.
So my questions are for those who know what script kiddies are capable of...
Q: If I run the standard FTP server on my DNS-323 (serving backed-up data to nominated RO user accounts), and have my router set to ignore pings to my WAN IP, how easy is it for hackers to detect my open port 21?
Q: If the (open) port 21 *is* found by some pimply-faced loner/nerd, what damage can he/she do to my DNS-323?
Offline
A: Goto www.grc.com and run ShieldsUp! - does it find the open port? They don't need to ping you, the just need to scan for the open port, why use a two step approach when one will do?
A: They probably can't damage your hardware, but they can store whatever they want, and that just could have the feds knocking on your door at some point.
Offline
fordem wrote:
A: Goto www.grc.com and run ShieldsUp! - does it find the open port? They don't need to ping you, the just need to scan for the open port, why use a two step approach when one will do?
A: They probably can't damage your hardware, but they can store whatever they want, and that just could have the feds knocking on your door at some point.
I've tried grc.com and it said all was secure. The data I want available when I'm on the road is nothing the feds would be concerned with; just photos and files created by myself for me and my family. Thanks again for your input, Fordem.
Offline
I don't why I have difficulty getting this point across.
The problem is now what you have stored, it's what they store - did you notice I said "they can store whatever they want"?
Just as an example - kiddy pr0n found on a computer makes the owner an immediate suspect, as does "cracking" tools - your average paedophile may not know the ins & outs of ftp, but as you call them the script kiddies do - so they're not going to be storing incriminating stuff on their computers, when they can do it on yours.
Maybe I'm unnecessarily paranoid, but I live in a small South American republic and I have seen the FBI who have no jurisdication, accompanied by local police (no doubt to make it legal), raid a business place, confiscate equipment and arrest the owner, because of a single email traced back to his ip address.
There are other more secure ways to make files & photos available - Microsoft's Windows HomeServer is one.
Last edited by fordem (2007-10-29 14:42:03)
Offline
Understood. Thanks Fordem.
Offline