Security

fixman1 · 18 May 2025 11:25

I have read the Forum Q&A on security, and some of it is over my head. So let me provide a little background and then get to my questions.

Our Club has a Wfview dedicated network. No one else is using it. It is an Xfinity setup and if you have the network password, you can access the wifi. We have a dedicated Win 11 server which has no data or personal information on it, and is wired to the router. If the server goes down or is compromised by a virus or other security breach, we will have a second Wfview server to install while the first is being cleaned. We will change passwords on both the network and Wfview on a schedule.

Considering the open ports, Is there anything extra (VPN, virus software, etc.) a user should do to protect their personal computer while using Wfview? Is there anything more we should do on the server side for protection? I recognize that this software is no more vulnerable than any other remote software, but for a non-computer person, just general answers would be helpful.

roeland · 18 May 2025 19:20

I have no idea what you try to ask…

xfinity? what?

fixman1 · 18 May 2025 19:51

Hi Roland. Leave out the sentence with Xfinity in it and see if that helps.

phil · 18 May 2025 21:11

No inbound ports need to be open for the client side, so any risk is minimal.

We have not really performed any specific security analysis of wfview, but it should be difficult to cause a buffer overflow (the most common method of attacking software).

The only way that the client computers could be at risk is if the server was hacked and wfview was replaced with software which accurately mimics the Icom protocol. This must then send specifically crafted replies to the client containing some sort of payload exploiting a security hole in the client (not that we are aware of any existing)

fixman1 · 18 May 2025 22:14

Thank you Phil, Much appreciated.