FTP server

[AndrewSchofield]

I'm thinking of setting up an FTP server at work, so that we can access files from home over the internet. I understand that i just need some software to set up and run the 'server' and this will manage which folders/files will be accessible via FTP.

Can anyone advise me on the risks and any potential things to consider? How feasible is it that someone unauthorised could gain access to the shared folders and even get into other folders and files on the same PC? Are there any ways to help prevent this or should the software have built in measures to make it secure?

Thanks in advance.

 

[joinerjohn]

You'll need a good Virtual Private Network software package. Make sure users don't reveal their passwords to anyone, and change login details every 3 months or so. Google VPN Software. There's lots out there.
You can set up which files individual users can access via the VPN and which files they can transfer to their own computer. As with any computer connected to the internet, you'll need good antivirus and firewall.

 

[Synapse]

The fact that FTP authentication credentials are provided in clear text is a big risk and that all traffic between the server and client is unencrypted leaving you susceptible to man in the middle attacks.

You could use SFTP and use keys instead of password authentication. Traffic would be encrypted using SSH and keys make it a lot less likely to be brute forced.

You can also use something like sshfs (Linux), Macfuse (Mac) or Dokan (Windows) to provide a remote mounted drive over SSH. Again this could use public/private keys reduce the risk of brute force attacks and all traffic would be encrypted.

 

[timtheenchanter]

also, depending on where you work/what their IP is, standard users may not be able to use FTP, most schools do not have the FTP ports open, except for very specific, approved FTP servers.
Try a service like google docs, or your IPs file storage (if they have one)