Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Personal File Sharing = safe?

R

RubyRoses

macrumors newbie
Original poster
Feb 13, 2011
26
0
Hello fellow mac users :)

So far, I've had Personal File Sharing, Window Sharing & Printer Sharing on, as I am part of a small network (2 other Windows users; my dear family), because I wanted to be able to share files with them. However, after some reading around, I've started to wonder if maybe 'Personal File Sharing' meant that I wouldn't just be sharing with my network, but with the whole world? Is that true?

This thought is mostly of concern to me because I wouldn't want to think I had created a hole in my security. I've been doing a lot of research, and lots of things tell me how to 'turn personal file sharing on' without mentioning if there are any dangers. Hence the post. What does everyone think? ...Equally, lots of places say you should turn all these features off. See more about my circumstances below!:

Further information
  • I use a 10.4.11 iMac, so, no moving about anywhere.
  • I do not have the inbuilt firewall switched on, as our network is protected by a hardware firewall at the router.
  • My password was alpha-numerical, but in the most limited sense: all lower case letters and only 1 number! I have since changed it to something which I hope is a bit more bad-ass.

Thank you so much to everyone in advance! Needless to say, I've decided to switch all these things off for now...
 
Turning on personal file sharing from System Preferences only shares files on the local network.

To share with the world, FTP would probably be the best option, but AFAIK you need a domain name for that
 
File Sharing is as safe as the password you use to protect it. No one is going to break the security of the connection you use, but if your password can be guessed or broken by brute-force methods, you could open yourself up to potential issues. Note too that if your network is protected, then it won't really matter unless someone is also able to gain access to that network. As noted, you have to go through some pretty specific setup to give access to file sharing of any type to the outside world. Your router should prevent that from being an issue.

jW
 
Thank you for your replies you lovely people!

@ Shake 'n' Bake: Yeah, these things were turned on via System Preferences. So...you're saying even if you have something like 'FTP Access' switched on - which I never have - that too would only make your computer accessible to those within the network?

Mal, you say: 'File Sharing is as safe as the password you use to protect it', but then go on to say: 'if your network is protected, then it won't really matter unless someone is also able to gain access to that network'. From this, I deduce people behind the harware firewall/router could potentially crack the password - if they wanted to - but for those out in the wider world, they'd have to fight past the firewall first?

Also, your last sentence: 'Your router should prevent that from being an issue.' By 'that' you mean 'personal file sharing being a 'way in'', as opposed to 'going through some specific setup to give file access', right? Hopefully the first!

I suppose what worried me was that, I gather, if you have 'Apple Remote Desktop' or 'Remote Login' switched on, anyone online can potentially take advantage of your system through these features (you know, remotely control your desktop or what have you.) That these features make certain ports on your computer accessible to the world at large, creating a sort of tunnel through your firewall. And that this is why some recommend that you keep them switched off.

But if having 'Personal File Sharing' on (and the like) do not make you anymore susceptible to cracking than if they were off, then, well, that's great to know!

That appears to be the general consensus, is it?
 
What I was trying to say is that your computer's password is an effective defense, without any other factors involved. Thus, even someone on your network would have to figure out your password (and there's no known ways of breaking that, except brute-force, which Apple has taken measures against, and social engineering, which can't really be prevented by technological means).

Your router provides an extra layer of security, because no one from the "outside" (on the internet) can even see your computer with a router in between, not without getting through that inherent security or you setting up a pathway in. Thus, someone would have to gain access to your local network to even begin challenging the password on your computer in the first place.

Basically, turning on File Sharing is only dangerous if you have a poor password set on your computer and then use your computer in a way that others could access it over a local network.

jW
 
@ Mal: thanks a lot, you've made things really clear! :)

Mal said:
Basically, turning on File Sharing is only dangerous if you have a poor password set on your computer and then use your computer in a way that others could access it over a local network.
Click to expand...

I suppose then, (and I pose this question purely out of intellectual curiosity, since I'm neither on the move nor have these features switched on) that goes for the likes of 'Apple Remote Desktop' or 'Remote Login' too? (though perhaps a Firewall will automatically allow access if you enable these...)

And thanks for that Satcomer, looks interesting, but I'll probably stick with what I've got since I gather it's all cool. :)
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back