B4J Question FTP Server and Security

RickV

RickV

Member
After implementing my ftp server and opening a few ports on the network firewall, I have noticed what seems to be a few requests to use my server as a hop....

Is there any security issues I should know about?

I have set usernames and passwords, quite lengthy and unmeaningful really and know that a connect from windows pops up a username and password dialogue box and a ftp client well you need to enter these credentials before hitting the connect button.

B4X: 
FTPSer.AddUser("mmftp4dataC0nn3ct","pa55w0rd.Sf0rC0nn3ct.")

Logs
B4X: 
Number of clients: 0
client: CONNECT www.google.com:443 HTTP/1.1
client: Host: www.google.com:443
client: User-Agent: Go-http-client/1.1
client: 
terminated
Number of clients: 0
 
Sort by date Sort by votes
MicroDrie

MicroDrie

Well-Known Member
Licensed User
Old School security wisdom was based on you know what (username and password) and you have some of yours like the data in a cookie. You must realize that this method only protects against unauthorized access by third parties. It is important that you close your FTP server environment very tightly and that all OS and FTP server environment updates are always protected with the latest security fixes.
 
Upvote 0
You must log in or register to reply here.

Similar Threads

aeric
  • Article
Share My Creation [Project Template] [Web] API Server 2
2 3 4
Replies
61
Views
12K
aeric
aeric
aeric
  • Article
Share My Creation [Project Template] [Web] API Server
4 5 6
Replies
110
Views
30K
aeric
aeric
Erel
  • Locked
  • Article
Android Tutorial [B4X] Net library (FTP, SMTP, POP) with Wait For
Replies
17
Views
31K
DonManfred
DonManfred
Erel
  • Article
B4A Library [B4X] FTP Server implemented with Socket and AsyncStreams
2 3
Replies
43
Views
40K
OliverA
OliverA
Erel
  • Locked
  • Article
B4J Tutorial [server] Run a Server on a VPS
2
Replies
25
Views
32K
Erel
Erel
Top