IP logs and look up

[rubberman]

i have a fileserver at home where i store my mp3s, some video and pictures and set up some webserver software which i can access all those file away from home. i checked the log today and they are a dozen IPs logged checking out my mp3s. how do i find out? the whos who ip lookup doesnt really say much
some of them like 92.104.64.25 is from switzerland and 196.217.214.175 is from monaco. its not like i gave my IP out

the only thing i can think of to do is change the port number or even add those IPs to the block list. any ideas?

[Dv8ted2]

If you don't want people snooping, change your setup. You should not use a webserver to share those files. The files should be encrypted to where others cannot tell what they are so easily. Using a webserver is like telling the world, hey check out my files. You are leaving port 80 open and anyone can get through that port because it is open. You should use a combination of a hardware firewall and a software firewall. Your question is dubious and equates to you wanting to setup a honeypot.

[rubberman]

i have a certain port open for that and how can you access it thru port 80? 80 access my router and it has a long ass string of digits for the password. i dont give out my IP to share.

[Dv8ted2]

i have a certain port open for that and how can you access it thru port 80? 80 access my router and it has a long ass string of digits for the password

Port 80 is the port that web traffic uses.

[rubberman]

i know that but you cant access my stuff unless you know the port no. and it aint 80. i changed port numbers and cleared the logs to see if i get anything

[poisondeathray]

What webserver software are you using? Is it a retail verson?

It wouldn't hurt to change the port# and login/password info

[Dv8ted2]

i know that but you cant access my stuff unless you know the port no. and it aint 80. i changed port numbers and cleared the logs to see if i get anything

You are missing my point. You should encrypt the files. Whatever port you are using for web traffic, they are getting in through that port. If you leave that port open, you are letting anyone and their dog in. That is why you should not use a webserver to share your files. You should think like a cracker. If you take the mindset that your network will get attacked you would be better prepared to defend it. You have the equivalent of a honeypot and you are asking about entrapment.

[rubberman]

actually port80 was closed and open only remote management to access my router. i have only 2 ports open - webserver software and winamp

[Dv8ted2]

actually port80 was closed and open only remote management to access my router. i have only 2 ports open - webserver software and winamp

Whatever port that the webserver software is using, is the hole that people are getting through. Even if you switch ports, you are telling the world to check out your files. My profession is information systems security. You have two choices. Either encrypt the data, or do not share your files.

[rubberman]

is there a freeware encryption software?

[Dv8ted2]

Windows XP has the encrypting file system built in. You right click the folder and select properties. Hit the advanced tab and there is a checkbox to encrypt the data.

[rubberman]

thanks for your help

[aedipuss]

wouldn't a secure fileserver like smartftp where you can set passwords and such be a better option than an open webserver?

the net is full of port scanning little twerps who have nothing better than looking for any open port they can exploit. don't leave any port open. it will be found in under 5 minutes from somewhere in the world.