7h3kk1d Posted September 7, 2010 Posted September 7, 2010 I want to share some of my folders on my ubuntu desktop via FTP and was wondering whether I should make a lightweight vm to do it or just install some ftp server app and run it? Quote
Mr-Protocol Posted September 7, 2010 Posted September 7, 2010 (edited) I use filezilla ftp server. Works pretty well. Just remember if you are trying to access from the internet you need to forward ports accordingly. Just make sure you set passwords. Edited September 7, 2010 by Mr-Protocol Quote
Infiltrator Posted September 7, 2010 Posted September 7, 2010 (edited) I have been using CerberusFTP for quite a while and I am really happy with it. It also supports encrypted connection, if you are paranoid about someone eavesdropping into your connection. Very easy to set up and to configure. And if you have to access files from over the web, just do what MrProtocol suggested, open forward ports accordingly. Edited September 7, 2010 by Infiltrator Quote
digip Posted September 7, 2010 Posted September 7, 2010 Make sure when port forwarding you forward both 21 AND 20. FTP requires both ports. Quote
Mr-Protocol Posted September 7, 2010 Posted September 7, 2010 I would suggest creating your own ports for FTP instead of using the default 20/21. This way you wont get spammed with failed logins (or possibly successful logins) from scripts that will scan for the open port and hammer it since it knows it is FTP. Quote
Infiltrator Posted September 7, 2010 Posted September 7, 2010 Changing the default ports doesn't only minimize the scan attacks but it also gives you a bit more protection. Since the attacker will have to guess what services are running behind those ports. Quote
digip Posted September 8, 2010 Posted September 8, 2010 Changing the default ports doesn't only minimize the scan attacks but it also gives you a bit more protection. Since the attacker will have to guess what services are running behind those ports. A port scan would tell you the ports open if the machine in question is online and running the service, and then once you find one, connecting with something as simple as netcat or even a telnet client will usually yield a header, such as what version of the ftp software your running, or ssh, web server, etc. Security through obscurity isn't really security at all. It only ads 30 seconds more work. Quote
Infiltrator Posted September 8, 2010 Posted September 8, 2010 A port scan would tell you the ports open if the machine in question is online and running the service, and then once you find one, connecting with something as simple as netcat or even a telnet client will usually yield a header, such as what version of the ftp software your running, or ssh, web server, etc. Security through obscurity isn't really security at all. It only ads 30 seconds more work. Thanks for correcting that up, but I did know that it would take more than a port scanner to reveal the real services running behind those ports. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.