I have a question Im trying to set up an ftp server, and vnc server that will be accessable from the internet I have dsl and have to router setup correctly. However I think the place I want to access it has the ports I want to use blocked. Can I use a standard port like 8080 for example and still be ok, will it mess anythink up expose me so seriously etc...
btw I know 8080 works because I setup remote monitoring on my router and I have access to it its just some of my other ports that are causing me problems.

bump

bump

A friend of mine used to host an ftp and also an http server at home.

He later changed the ftp ports to 80 I think so he could access his stuff from our work place

At the time I worked at a Printing company, he was a trainee so to say so he just did a whole lot of practise at the time and he wanted a way for him to easy carry on his work at home at the end of the day. Seemd to work great, but Im not so sure how to set up these things so exactly what he did, i do not know

bump

Not 100% sure about all of this so I’m sticking my neck out a little here. Hopefully someone will correct me:

Ideally all ports should be stealthed (or at least closed) (even 8080), unused ports can potentially be exploited by trojans and used ports often have exploits which run on the services using the ports. You should only open ports to services that you know are configured securely and cannot be easily exploited. You might also consider using some form of encryption for connecting to your VNC/FTP services (SSL ?). I believe that you can run only one service per port. So given that your firewall is already using up port 8080 for remote access I don’t think you will be able to run VNC or FTP off the same port. Provided you're not running a web server I'm guessing your work will also let you connect to port 80 (you might also want to try some other common HTTP ports) so you can probably set up VNC or FTP to run off that and configure your firewall accordingly. I'm a little surprised that your company has blocked access to the standard ftp ports (20/21). Of course once you open up those ports other computers on your home network will also be exposed (edit -> unless your router/firewall supports port forwarding in which case you specify which computer to forward the data to).

You're right, one service per port.

Security of software depends ALOT on your server OS too. I use Fedora, and the vsftp daemon, I have got all my ports stealthed except for the ut2k4 server ports and my hosting ports (ie 8080 for my ut2k4 webmin, 80 for http, 21 for ftp, 20 for ssh, and I don't allow VNC because my server is cli only I don't run a gui, ports 7777/7778)
I also use the software firewall, and on my router I use the built-in firewall and port-forward on the needed ports.

Thanks oldsk00l. With your help and a bit of Googling I just learned something tonight. (cheers)