Any hacks beside password?

[donwolfkonecny]

Wow I got a deafening silence on another thread so I'll try here.

Excluding someone physically possessing my files, is there a way besides knowing the password to hack into a FMP served through TCP/IP? What I am picturing is a buffer overflow or some other technique that would be effective against web pages on port 80 or 22? I would like to be able to say that our data would be as secure as our passwords, but I can't find any confirmation of that on the FMP website. I once asked a tech and they said they weren't aware of any breaches, which was not a satisfactory guarantee. Is there any knowledge out there about this?

[Ender]

Although I haven't seen reports of successful attacks in the Forums, that doesn't mean much. Companies and developers probably wouldn't care to advertise their security holes, and hackers keep to their own circles.

 

Bottom line is that eavesdropping on the network traffic is possible, so counter-measures should be used. This is what the network encryption option in Server is for, and this is what VPNs and firewalls are for.

 

If you want a more thorough explanation, you might check with Steven Blackwell, who wrote the book on FileMaker security (literally!):

 

http://www.fmp-power.com/home.html