How secure the connection is while dealing with file transfers
-
- Posts: 3
- youtube meble na wymiar Warszawa
- Joined: Fri Jul 21, 2017 6:01 pm
How secure the connection is while dealing with file transfers
Using a NAS and transferring data online, how secure it is? So if anyone who manages to hack my connection, my file are also at stake. This is something I am getting worried about. There are a lot of possibilities of such event. In my research, till now I found that a VPN service can secure and encrypt my connection making is nearly impossible to breach my connection. So if anyone has a clue on what else can be done to secure data online be it any kind of data transfers.
- father.mande
- Posts: 1819
- Joined: Sat Sep 12, 2015 2:55 am
- Location: La Rochelle (France)
Re: How secure the connection is while dealing with file transfers
Hi,
First ... "closed the doors"
... don't forward not necessary port
... use encrypted connections
... change default port to yours (except for HTTPS if open to all)
... use strong password
... except in a VPN don't use any insecure connection (even seem easy) MS Samba (SMB), etc.
... and remember that closing the server don't secure the user workstation ... 90% of the security hole are in fact on a client (not locked, connection still open, password write somewhere, etc. etc.)
2 : use ONLY encrypted connection if possible
... VPN is one of the best even using password ... but if you have the skills ... OpenVPN can be configured using certificate (so revocable) using OpenVPN and easy rsa from Entware QPKG package manager
... ... also OpenVPN form Entware can permit bridge mode BUT not sure Asustor provide tap kernel module ??? (I don't know)
... SSH can be used to encrypt lot of tcp connection by tunneling
... SFTP (so using SSH) ... is a secure file transfer
... SSHFS ... use SFTP connection to access (mount in Linux) files and folder securely
... Syncthing is a secure synchronization tool between your data and any external server, PC, smartphone, etc. (so not an "access" but a local duplication
... use only HTTPS with a valid (signed) certificate for all web application open to the world (and secure ALL web application (user / password, virtual server, etc.)
etc. etc. depending of your request (exact) and your (and users) skills. NO GENERIC SOLUTION ...
Another solution is to put the VPN server (with certificate) in a router under Linux (for ex. any router supporting DD-WRT alternative firmware) ... so the VPN access is managed at the entry of the network and NOTHING is open to the world.
Philippe.
First ... "closed the doors"
... don't forward not necessary port
... use encrypted connections
... change default port to yours (except for HTTPS if open to all)
... use strong password
... except in a VPN don't use any insecure connection (even seem easy) MS Samba (SMB), etc.
... and remember that closing the server don't secure the user workstation ... 90% of the security hole are in fact on a client (not locked, connection still open, password write somewhere, etc. etc.)
2 : use ONLY encrypted connection if possible
... VPN is one of the best even using password ... but if you have the skills ... OpenVPN can be configured using certificate (so revocable) using OpenVPN and easy rsa from Entware QPKG package manager
... ... also OpenVPN form Entware can permit bridge mode BUT not sure Asustor provide tap kernel module ??? (I don't know)
... SSH can be used to encrypt lot of tcp connection by tunneling
... SFTP (so using SSH) ... is a secure file transfer
... SSHFS ... use SFTP connection to access (mount in Linux) files and folder securely
... Syncthing is a secure synchronization tool between your data and any external server, PC, smartphone, etc. (so not an "access" but a local duplication
... use only HTTPS with a valid (signed) certificate for all web application open to the world (and secure ALL web application (user / password, virtual server, etc.)
etc. etc. depending of your request (exact) and your (and users) skills. NO GENERIC SOLUTION ...
Another solution is to put the VPN server (with certificate) in a router under Linux (for ex. any router supporting DD-WRT alternative firmware) ... so the VPN access is managed at the entry of the network and NOTHING is open to the world.
Philippe.
AS6602T / AS5202T /AS5002T / AS1002T / FS6706T
- orion
- Posts: 3485
- Joined: Wed May 29, 2013 11:09 am
Re: How secure the connection is while dealing with file transfers
I think "nearly impossible" is the correct wording. SSL/TLS should match that requirement (yes, VPN should apply the same). Then, there are many ways based this mechanism, for example: SFTP, FTPS, WebDAV on SSL, RSync via SSH, Web server over SSL.
-
- Posts: 33
- Joined: Tue Feb 14, 2017 9:23 pm
Re: How secure the connection is while dealing with file transfers
All the above mentioned methods and keep a vpn at hand. Use a paid service. I have one or two subscriptions of paid vpn services. Try looking at https://www.bestvpn.co/ or you can just search some deals too, there are few vpns that are always offering discounts (If you don't want to spend much)
-
- Posts: 1
- Joined: Thu Nov 07, 2019 9:31 pm
Re: How secure the connection is while dealing with file transfers
I've found good solution for secure my private with VPN which i take from the top on https://www.techtimes.com/articles/2458 ... ase-on.htm .
Hope you'll get your solution to
Hope you'll get your solution to