If you can't tell, I'm kind of a newbie at networking. My question is: is my home network and computers at risk from hackers if I leave port 21 open to the NAS FTP server?
More so than if the ports weren't open. But for someone to access your network they need to find your network (which someone typically will, via automated scans) and then use one of the following methods to access it:
1. guess your password
Best defence against this is to pick a non-obvious password.
2. "sniff" your password by monitoring network traffic between you and your network while you're accessing it
Technically that's easy for people in the "right" place (e.g. someone at your ISP, or staff at an Internet cafe that you're using) and hard for anyone else
3. exploit a defect in the software in your router or the NAS device itself to get access without a password at all
Defence against this is to keep up to date with firmware/software updates for your equipment. Tireseome, but prudent.
I would worry more about the PCs on your network than I would about the NAS device, however that doesn't mean there won't be an exploit against it tomorrow. :-(
FYI, the "secure" way to access equipment like that is to set up a virtual private network (VPN) that encrypts everything between your network and wherever you are, and use FTP via that VPN. I don't think this is easy to do yet with purely Windows machines, but I'm no Windows expert. The USA's (and other countries') restrictions on export of encryption technology (now /mostly/ relaxed) has hurt the development of products in this area.
Regards,
Giles
