I don’t want to use sftp or ftps because its really slow for me as we know it has to encrypt traffic and my server aint powerful.

I will be using ftp just locally at home between PCs, no exposing to internet. Is it still a risk? Can anyone eavesdrop my private local network?

I will also setup sftp separately for remote access over internet because my internet speed is even slower anyway. So ftp will stay on local network.

Share This Discussion

3 Comments

  • tallguyogden

    November 5, 2021

    This is better for r/cybersecurity_help

    Reply
  • CandlesInThDark

    November 5, 2021

    This could be considered safe indeed. BUT:

    If one is able to connect to your wifi you are f’ed. Deactivite anom log in. Assign a custom port to it. Validate thru ip. Fail2ban for blocking bruteforce. Preferable cable connection – no wireless

    All of the above really depends on how sensitive the data is. I would make sure that the system you are using to acces the net is supersecure as that and your wifi will be the 2 main channels if one would want to acces. Last i would chance my wifi pass to 20 characters hexa and special chars.

    For fun and insights or user:pass collection you could add an honeypot to pivot attacks and focus like heralding or even just pentbox on -p 21

    Reply
  • conicalanamorphosis

    November 5, 2021

    Short version is if the attacker doesn’t already have some foothold on your home network he can’t see anything even if it’s clear-text. That said, opening an external service on your home network (SFTP) is a risk to give an attacker a foothold in your network. For moving files from the Internet to a home network, I recommend a cloud storage solution like Google drive or Dropbox. I apologise if this seems harsh, but if you don’t know enough basic networking to answer your question you probably don’t have enough understanding to properly manage and secure an Internet visible service like SFTP.

    Reply

Leave a Comment

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.