Risky? DMZ & NAS - What Could Go Wrong?

  • Thread starter Thread starter kandelabr
  • Start date Start date
Click For Summary

Discussion Overview

The discussion centers around the security implications of using a home NAS as an FTP server, particularly when configuring it as a DMZ (Demilitarized Zone) computer on a router. Participants explore the risks associated with this setup and alternative methods for secure file transfer.

Discussion Character

  • Debate/contested
  • Technical explanation
  • Exploratory

Main Points Raised

  • One participant expresses concern about the security risks of placing a NAS in the DMZ, highlighting the potential for malicious access to the NAS' administration page.
  • Another participant suggests using port forwarding instead of DMZ to minimize risk while allowing FTP access, recommending a static IP for the NAS.
  • A different participant agrees with the port forwarding suggestion and notes that DMZ can be useful temporarily.
  • One participant reiterates the initial concern about security, emphasizing that FTP transmits data in clear text, making it vulnerable to sniffing, and recommends using an SSH server for secure file transfer instead.

Areas of Agreement / Disagreement

Participants generally express disagreement regarding the use of DMZ for a NAS, with multiple competing views on the best approach for secure access to the NAS. There is no consensus on the safety of using DMZ versus port forwarding or alternative methods like SSH.

Contextual Notes

Participants note the limitations of FTP security, particularly regarding data transmission in clear text, but do not resolve the broader implications of using DMZ versus other configurations.

Who May Find This Useful

This discussion may be useful for individuals setting up home NAS systems, particularly those interested in secure file transfer methods and network configuration options.

kandelabr
Messages
110
Reaction score
0
Hello,

i've just got a home NAS and it has an option to use it as a FTP server, but if i want to use it as one, i need to set its ip to be the "DMZ computer" in router's settings.

i know it's a security risk for computers, but is it also for a NAS? i can set the precise username and password for those that will be connecting, and that user will only have access to specified folder and nothing else.

what could go wrong?*

________________________________
* sarcasm not specifically excluded
 
Computer science news on Phys.org
i would very strongly advise against placing anything in the DMZ on the router. This opens up the system to the internet and can potentially cause problems. Allowing full access from the internet will afford a malicious user the opportunity to access your NAS' administration page which is dangerous.
The best option, if you want to run an ftp, is assign your NAS a static IP address and setup port forwarding on the router and forward all data on port 21 to your NAS. THis will let you access your ftp with minimal risk.
 
that's a good idea.
let me try :)

thanks,
kandelabr
 
I would also advise to Port Forwarding. DMZ can be useful on a temporary basis though.
 
kandelabr said:
Hello,

i've just got a home NAS and it has an option to use it as a FTP server, but if i want to use it as one, i need to set its ip to be the "DMZ computer" in router's settings.

i know it's a security risk for computers, but is it also for a NAS? i can set the precise username and password for those that will be connecting, and that user will only have access to specified folder and nothing else.

what could go wrong?*

________________________________
* sarcasm not specifically excluded


In a FTP server, everything is transmitted in clear text over the network. So, the username and the password can be easily sniffed.
I suggest you set up a SSH server on the computer (in order to use SCP); and forget the FTP server on the NAS.
 

Similar threads

Downloading videos from TP-Link NVR1108H-W Network Video Recorder
  • · Replies 2 ·
Replies
2
Views
1K
Using Word for Equation Editing
  • · Replies 15 ·
Replies
15
Views
2K
Built-In Server-to-Server Connectability (?)
  • · Replies 4 ·
Replies
4
Views
4K
What Could Be Causing Unexpected Results in the LET Analysis with MCNP6.2?
  • · Replies 8 ·
Replies
8
Views
3K
What could be causing my wireless network to keep dropping and how can I fix it?
  • · Replies 4 ·
Replies
4
Views
5K
How do I set up a Router/Netgear Powerline Ethernet Network?
  • · Replies 4 ·
Replies
4
Views
20K
Why Can't My Windows XP Desktop Access Shared Folders on Ubuntu 10.04?
  • · Replies 2 ·
Replies
2
Views
4K
What's going on with databases? Why so prone to attacks yet still used
  • · Replies 21 ·
Replies
21
Views
4K
What is the role of a cache controller in optimizing CPU performance?
  • · Replies 10 ·
Replies
10
Views
3K
I could really use some help picking my optional module [GameDev]
  • · Replies 2 ·
Replies
2
Views
3K