Need a firewall for AFP over TCP?

neutrino23neutrino23
Posted:
in Genius Bar edited January 2014
I want to do file sharing over the internet from behind a router. I have learned that if I enable port 548 then I should be able to do this. However, this exposes part of OS X to the internet.



Of course, anyone providing a legal user id and password can then access that computer.



However, is there any other way to hack into port 548 or is it fairly secure?

Comments

  • Reply 1 of 2
    jutusjutus Posts: 272member
    Go ahead and make then pinhole.



    As long as you are serving afp password protected, you're probably good to go.



    Worst case, someone can log in as guest, and fill your drop box to the point where you run out of disk space.



    You can always disable write access to counter the above.
  • Reply 2 of 2
    neutrino23neutrino23 Posts: 1,562member
    Thanks. I disabled guest login. I tested logging in as guest and it just gives you a blank screen. I saw an article from a year or so ago where someone was doing this without problem for quite some time.



    I have been trying this for a few days and it works quite well. Logging in and mounting to the desktop are very fast. I can transfer files at about 2.2MB/minute via our ADSL connections.



    So far I haven't seen any problems. Of course, this is like the army's statement that they have no knowledge that camouflage has ever been successfully used against them.
Sign In or Register to comment.