I think it’s a good question. Obviously strong passwords is a must, but I do wonder if I allow WebDAV to be accessible from the Internet, how robust is it against casual intrusion attempts and a sustained attempt?
Sustained attempt may be some sort of bot. Several devices from different IPs trying all sorts of user names and passwords.
How would I be able to tell if a sustained intrusion is underway?
YEs, I know that the description of the WebDAV service that it allows devices on the local network to access this service and it’s because of that I am asking this question and also because WD published the following KB: My Cloud OS 3: Configure WebDAV
Here is the contradiction. The information on the Clous OS’s firmware states local and the published KB suggests that it’s absolutely fine to expose WebDAV to the internet.
Yep, I also know I don’t have to use the default ports of 8080 and/or 4443. That it’ll work when the external port can be different.
Wonder if anyone can provide answers.
