News Feed
  • DrugHub has agreed to fully refund all users who lost money in the SuperMarket exit scam.  
  • Retro Market has gone offline. Circumstances of the closure unknown.  
  • SuperMarket has closed following an exit scam by one of the admins.  
  • The admin of Incognito Market, Pharoah, has been arrested by the FBI several months after exit scamming.  
  • Silk RoadTorhoo mini logo
  • darknet markets list
  • Popular P2P exchange LocalMonero has announced it is closing.  

Any advice to secure a homemade ftp server? : programming | Torhoo darknet markets

I'm making a home FTP server that I'll be using to work on malware without having evidence on my laptop, and I want to try secure it from attacks. I've got 3 factor authentication, wherein it uses both the device's mac address and also an otherwise inconspicuous file to authenticate the device.
Any advice for securing the actual server and connection?
Note: I'm new to JS and PHP, and am relatively unskilled at HTML and CSS
/u/Grazelda
7 points
3 years ago
What OS? Listening on a public IP address?

An FTP server doesn't have anything to do with JS, PHP, HTML or CSS. Using something like ProFTPd on Linux you can lock it down pretty creatively, use a cron job to start and stop it so its only listening when you need or when you trigger it, etc. Or use SFTP through SSH and use an ssh key, stuff like that. Treat it like a refrigerator; you only open the door when you need something, reach in and grab/put it, and close the door. Logging in hooked to mac address is a pain in the ass and means you can only access your stuff from one specific net adapter or you have to munge your mac for each session. Easier to just use SFTP with ssh keys and turn SSH on/off as needed.
/u/Skeptech 📢
1 points
3 years ago
The server will be running ubuntu server, but the client computers will be running a variety of OS's, namely MacOS, windows 10/11, and Manjaro and Kali Linux. Thanks for the advice!
/u/Grazelda
2 points
3 years ago
But the client OS has nothing to do with it. Its 100% a server issue.
/u/floatingpoint
3 points
3 years ago
To secure the server the first thing I would do is have your OS encrypt your home folder. Next I'd set up SSH keys AND a password. Then use the UFW firewall to block all traffic to unneeded ports. As /u/Grazelda suggested you can get creative with cron. Maybe block your SSH port except for a specific time during the day if you want to be extra careful? Let me know what you do.
/u/Grazelda
3 points
3 years ago
Or he can turn on a restricted smtp server on a wacky port, and use it to trigger server(s) via a secure shell account. Kind of fun actually. Makes you feel all geeky and shit.
  • Sponsors
VigorSwap Instant Crypto Exchange
FraudGPT

  • Explore Torhoo!

© Torhoo! 2025

All links are for educational and research purposes only. Torhoo! does not vouch for any site.

Advertise on Torhoo