Hey Guys,

I am working with an organisation who has just moved to using file maker server, I want to open the file maker port on the server to enable remote access. However, I have been told by a few people that this is very risky and leaves the server vulnerable. Just wanted to see if you guys had any advise re this?

I know there is the VPN route, but in previous organisations I have worked with, this has been a hassle to setup and use.

I've got to present some evidence to management either way, so I would be grateful for any thoughts/sources.

Cheers,

Dan

Any access to a port is a potential vulnerability. The question is what is the actual risk of a threat agent's triggering a threat to exploit that vulnerability? Unless the organization "enjoys" a controversial public profile, I would just the risk level to be low. You should of course fully protect the files and the the server using the options provided.

A VPN can be used; however if your on;y reason to do so is for encryption, FIleMAker Server itself will do that.

Steven

I.T. folks always hate open ports. But I imagined a big part of the risk is that someone configures the machine wrong and what should be a dedicated port, is left open to other traffic.

Is there any history of successful exploits of a dedicated Filemaker server port to hack a machine? Wouldn't this require someone actually attack the FM server software and get it do something that it is not supposed to do?