Temporary FTP Server - Security

Temporary FTP Server - Security
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Temporary FTP Server - Security nousenetspam 04-20-2006
Posted by on April 20, 2006, 2:05 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
I have a client who is a consultant and uses one box with WinXP on it.
It has SP2 and all updates. He lives in the US and is working on a
large project in Kuwait. Him and another in Kuwait need a way to
transfer 50MB files to each other. This is only going to be temporary
(for a few months). My client is not a member of a domain or
workgroup. How secure is it to setup Filezilla Server on his computer
(and on the one in Kuwait) and share a single directory with the 50MB
files. I'd remove anony. access, enable auditing, and secure the
folder with NTFS permissions. He currently has DSL service and is
behind a router. He has a dynamic IP. I'd use DynDNS to track the
dynamic IP. I'd use a non-standard port for FTP transfers.

Is this a good idea; or am I taking unnecessary risks?

Am I better to have a separate box behind the router for this? I could
then choose Win or a Linux distro. This is only temporary and while
money is not important, it is important because it is temporary.

Or

Would I be better off using a service like Basecamp?

Any suggestions are welcome!


Posted by Sebastian Gottschalk on April 20, 2006, 2:37 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
nousenetspam@gmail.com wrote:
> How secure is it to setup Filezilla Server on his computer
> (and on the one in Kuwait) and share a single directory with the 50MB
> files.

Very secure if you use FTP over SSL and verify the certificate by telephone.

> I'd remove anony. access, enable auditing, and secure the
> folder with NTFS permissions.

This won't help against someone passively snooping the login credentials
and loggging in, yet not minding about active attacks.

> I'd use a non-standard port for FTP transfers.

Doesn't matter.

> Is this a good idea; or am I taking unnecessary risks?

Either you were forgetting or omitting the obvious: need for encryption,
integrity and authentication.

> Would I be better off using a service like Basecamp?

You can use any kind of file/webspace provided by some dotcom bubblers
as long as encryption and digital signatures are used.

Posted by Ludovic Joly on April 21, 2006, 4:31 am
If you were  Registered and logged in, you could reply and use other advanced thread options
50 MB, multiple files both ways... To me, it sounds like a lot of
exchanges.

Regarding Internet access, are there special rules in Kuwait to enforce
a form of censorship/control? Are there firewalls/proxies/filters at
ISP level, etc...?

If the guy is not already in Kuwait or he doesn't already have an
Internet access, you should learn what are the documents the ISP asks
for. It could well be for instance that some connectivity requires
residency or something else...


Posted by M. Trimble on April 21, 2006, 9:51 am
If you were  Registered and logged in, you could reply and use other advanced thread options
nousenetspam@gmail.com wrote:

> I have a client who is a consultant and uses one box with WinXP on it.
> It has SP2 and all updates. He lives in the US and is working on a
> large project in Kuwait. Him and another in Kuwait need a way to
> transfer 50MB files to each other. This is only going to be temporary
> (for a few months).
...
> Or
>
> Would I be better off using a service like Basecamp?
>
> Any suggestions are welcome!


You know, sneakernet is still up and running, sometimes via thumb drive over
UPS-Net.

Ha-ha, only serious.

Posted by Ludovic Joly on April 21, 2006, 10:01 am
If you were  Registered and logged in, you could reply and use other advanced thread options

Ha-ha, funny. I nearly came to the same conclusion.


Similar ThreadsPosted
Server Co - Lo and 2 factor security May 25, 2006, 3:21 am
Terminal Server Security December 6, 2006, 5:10 pm
Server virtualization and security? February 13, 2008, 6:38 am
SSL security with server certificate compromised December 22, 2006, 7:06 am
setting up a server to test security apps February 22, 2005, 9:50 pm
Q: Security management in Client/Server environments (especially CORBA) May 16, 2005, 4:01 pm
Best RADIUS server July 29, 2004, 9:25 am
RSA ACE server and Open BSD July 10, 2005, 3:34 pm
Re: Know about a proxy server? January 2, 2007, 1:15 pm
Re: Know about a proxy server? January 2, 2007, 7:21 pm

The site map in XML format XML site map

Contact Us | Privacy Policy