Security Basics mailing list archives

RE: Accessing the File server

From: Dave Killion <Dkillion () netscreen com>
Date: Fri, 29 Aug 2003 08:54:23 -0700

Kanwar,

There'll always be a 'hitch' with security - even the most commonly-used
'secure' protocols (SSL, SSH, etc) occasionally will have security
problems.  The best you can do is pick something appropriately secure, and
then keep tabs on it - make sure it's up to date, and monitor it for
suspicious activity.

I'd recommend SSH as a secure way of sending files.  This service may
already be installed on your server by default - it's a common service to
have running.  There are a variety of programs that support this protocol
in file-transfer mode - Putty (Free-as-in-Beer) has a pscp command-line
program to transfer files, while SSH Corporation's client (Not Free) has a
slick drag-and-drop very similar to Explorer.  If you have other POSIX
OS's in your environment (Linux, *BSD, Solaris, etc) then the OpenSSH
client is for them, and also comes generally pre-installed.

Check out OpenSSH at www.openssh.org.

Good luck!

I hope this information is helpful,

Dave Killion
Senior Security Engineer
NetScreen Security Group, NetScreen Technologies, Inc.



-----Original Message-----
From: Kanwar Sidhu [mailto:Kanwar.Sidhu () anu edu au]
Sent: Thursday, August 28, 2003 10:56 PM
To: security-basics () securityfocus com
Subject: Accessing the File server


Hi There,
I got file server Red Hat Linux that is accessible only inside from my
organization. I am just wondering is there any kind of secure method so
that people can access files from the outside world without any hitch
with security. I was thinking is there any kind of web interface method
so that people just enter there user names & get access to files. But
this I think will involve running web server which I don't want to do.
Is there any other solution out there ???

Thanks,

Kanwar Sidhu

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.512 / Virus Database: 309 - Release Date: 8/19/2003



--------------------------------------------------------------------------
-
Attend Black Hat Briefings & Training Federal, September 29-30 (Training),
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier
technical IT security event.  Modeled after the famous Black Hat event in
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
Symantec is the Diamond sponsor.  Early-bird registration ends September
6.Visit us: www.blackhat.com
--------------------------------------------------------------------------
--

Attachment: smime.p7s
Description:

Current thread:

Accessing the File server Kanwar Sidhu (Aug 29)
- RE: Accessing the File server Michael LaSalvia (Aug 29)
- Re: Accessing the File server Gabriel Orozco (Aug 29)
- <Possible follow-ups>
- RE: Accessing the File server Dave Killion (Aug 29)