PDA

View Full Version : Computer Question: File Sharing Over A Network



Mulsiphix
01-27-2008, 03:14 PM
I'm using WindowsXP (SP2) and am trying to figure out an efficient way to share files with my wife, who is on the same network and router, that allows for multiple files to be sent at once. Any suggestions?

Riftwalker
01-27-2008, 03:44 PM
Share a folder on the network?

Mulsiphix
01-27-2008, 03:50 PM
Yeah but not using the built in Windows File Sharing. Something similar to P2P but not public. I don't want people having that kind of access.

Freejack
01-27-2008, 04:04 PM
She's your wife. Don't you trust her? :)


Your router should block outside access to your system regardless. With it blocking access, you can flip on your Shared Documents folder. Then you can drop anything you want to share in there and she'll have access.

Alternately you can pick up a NAS and connect it to the router but it'd be the same situation. That's something I'm looking at right now. Over on Tiger Direct they have a TB sized one for a couple hundred bucks.

http://images.tigerdirect.com/skuimages/large/M261-1040-main.jpg (http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=2151091&Sku=M261-1054)

Carl

Edit: Disclaimer: I'm not suggesting or recommending that this is the best price or box, just using it as an example. :)

Riftwalker
01-27-2008, 04:20 PM
Your other options will be more difficult and may be less secure.

You could set up an FTP server on one of the machines. Unless you're doing some fancy like port forwarding no one will be able to access the FTP server running on one of your machines except for machines on the network. Then you can FTP files around between the two systems. That's also supported by Windows' UI, so you can drag and drop files around. But Windows file sharing does all of this without having to deal with setting up an FTP server, and also allows you to share printers in case both computers don't have one.

I'm not a security expert but Windows file sharing should be fine unless your network just isn't secure (like if you're using wireless and you haven't secured your network, etc.) If your network isn't secure you should work on that rather than worrying about or limiting your activities on your network.

Digital Arcanist
01-27-2008, 05:35 PM
Install some FTP software like Secure Shell and run it like an FTP server.

I'm still not sure why sharing a folder over the network won't suffice.

Mulsiphix
01-27-2008, 07:45 PM
Should anybody get past my firewall they would have access to both computers if I had a Windows File Sharing setup in place. I prefer something that is less permanent and something that can easily be enabled/disabled. We used to have an FTP server setup but I remember the process of finding a program took forever and the troubleshooting required to get it setup was horrible. Now that was two years ago but I was hoping there might be something new that would make this process a little less painless.

After doing some wikipedia browsing I came across Friend 2 Friend programs. Similar to P2P but much more secure. I downloaded GigaTribe (http://gigatribe.com/tour/accueil.php) and it worked perfectly. No fuss, no muss :D. Looks like a lot of places that currently use P2P for legitimate reasons are turning to F2F for secure, non-illegal networks. According to wikipedia anyway ;)

Digital Arcanist
01-27-2008, 10:24 PM
Ha.....anyone who wants to get into your computer can, and in very little time. The only true way to be safe is to unplug your computer.

Get a zip drive or share a folder and then turn off the sharing when you're done.

Mulsiphix
01-27-2008, 10:27 PM
Bah I know nothing is perfectly secure. I've gone to great lengths to secure my PC though. Anybody who wants in is going to have to work for it. Anybody with enough time and patience can gain access to anything in my opinion ;)

Freejack
01-27-2008, 10:58 PM
Hmm, I don't know. My Solaris, BSD, XP, 98SE, and Mac boxes are all behind a Linux based firewall with no open inbound ports.

My remote server does accept inbound web, e-mail, and ssh traffic. I scan logs for attempts and automatically add IP addresses to my block list. Secure shell scans are system blocked. Web server scans are simply blocked at port 80. E-mail is filtered by access lists (I've been adding folks lately), spamassassin, and procmail filters.

Lately I've been getting spams that are making it past spamassassin because they look pretty legitimate. They're more like attempts to get me to sign up for some service or another. My primary e-mail address (where these are coming) hasn't been used much. The last thing was the whois contact address (which I changed).

Anyway, at the end of all these e-mails is a paragraph stating that I'm getting the e-mails because I went to an affiliate site, viewed an affiliate sites inline image, or opted-in to an e-mail. I can go to some link to opt-out but just by going to the opt-out site, I am automatically signed up again (no I didn't do it, but that's the gist of the disclaimer at the end).

So I'm just looking up the IP address and denying access to that IP. And if they switch IP's (which they've done), I block the range. I get reports on the Access Denied messages and they continue to try at least once a day.

Not impossible for sure, but a lot harder than it's worth :)

Carl

tesral
01-27-2008, 11:12 PM
Windows files sharing. Not a clue. I don't do windows.

Truthfully if you have a few files and you don't want a shared folder the easiest way is to sneaker net. USB thumb drives cost a pittance and can hold gigs. I have a stone goblet full of the things on my desk.

The second is to set up a shared folder and only place files to be shared in same. I believe Windows has some manner of security slightly better than tissue paper for that kind of thing. Like i said, I don't do windows. Take advice with a grain of salt.

For any large number of shared files, a music of video collection, A file server is your best bet.

One thing you can do to restrict who can access a shared system is by restricting the subset mask in the network settings. The default for any system accessing the Internet is 255.255.255.255, that means it can access all addresses. By restricting that subset mask you can tell a network device to see less of the network. get exact instruction on how to do this, IANANA.

Mulsiphix
01-28-2008, 01:53 AM
The default for any system accessing the Internet is 255.255.255.255You mean 255.255.255.0 ;)

I prefer the F2F setup. There are even better clients available if I wanted to spend any money right now that encrypt the traffic back and forth. My system is locked up pretty damn tight. Last time I did a clean install of XP, about two months ago, I spent three weeks doing research to make sure my setup was "current" with past/current/theoretical future protection schemes. I do this every time though and browse the internet using common sense. I haven't had a virus, intruder, or kind of system breach in the last four years. My setup may not be as sealed as a "conspiracy theory" computer techie, but its pretty damn sufficient :cool:

tesral
01-28-2008, 08:11 AM
My system is locked up pretty damn tight. Last time I did a clean install of XP, about two months ago, I spent three weeks doing research to make sure my setup was "current" with past/current/theoretical future protection schemes. I do this every time though and browse the internet using common sense. I haven't had a virus, intruder, or kind of system breach in the last four years. My setup may not be as sealed as a "conspiracy theory" computer techie, but its pretty damn sufficient :cool:

Likewise and I don't have any anti malware software. I up graded a couple of years ago to OpenSUSE 9.3 from SuSE 8.2. I'm due another upgrade as 10.3 has been around for a while. I've been playing with it on Darth Beemer, the lab machine. So far I like waht I see. I think i'll wait one more upgrqde cycle fior KDE 4 to get included. They have cut the system usage of KDE by 40% and that will be like getting a ram upgrade without spending the money. Never mind the ram in this machine is maxed out.

MortonStromgal
01-28-2008, 10:32 AM
Just use CIFS (windows file sharing) its not any more unsecure than NFS if set up properly and thanks to Samba is become the default way to share for Linux to.

1. Remove any Admin shares (thats $ stuff)
2. Add users to the machine with limited access accounts & set good passwords. You may want to set an expiration date on the account and set a new password or create a new user every 2 months (corporate standard)
3. Add users to share access with the permissions you want (read only?) removing generic accounts
4. Do the same with the NTFS permissions (removing generic accounts, adding the correct permissions for the users you want) remember to include yourself as this is your local permission set.

If your super paranoid you can monitor port 445 for activity.

Digital Arcanist
01-28-2008, 09:34 PM
In my network security course the first thing they tell you is that the system behind the most security is the first one to be attacked.

You shouldn't keep any financial information on a computer connected to the internet.

I have to agree with Tesral on both accounts. You should use a file server to transfer files and you shouldn't use Windows at all.

Mulsiphix
01-28-2008, 09:48 PM
Unfortunately I've tried Linux and I just wasn't to proficient with it. I'm huge on multitasking and I've grown very efficient in Windows. Seeing as I haven't had any problems I see no reason to change. As far as financial information, I store nothing on my computer that could be used to somebody elses benefit, aside from the massive amounts of data stored on my hard drives. Nothing I couldn't replace though. Anything worth backing up is already done so. Anything worth stealing isn't on my computer.

MortonStromgal
01-29-2008, 10:57 AM
First off theres plenty of file servers out there running embedded windows or server 2003. I would guess roughly 25% of the home NAS solution run some form of windows. And when your talking data centers that number is probably closer to 40%. Theres several reasons Linux is viewed as more secure.

1. With Linux you don't have to install the kitchen sink so if theres an security hole in apache its not your file servers problem
2. Most Linux distributions force higher levels of secure user behavior out of the box
3. Open source so we can see the security holes ourselves and even come up with alternatives when no patch is available.

Most importantly though a poorly set up box is more problematic than any thing else. So if your comfortable setting up Windows stick with it.

Secondly if your looking for a simple Linux you want Ubuntu and add Automatix. After that Linux is far simpler than windows (which causes a whole new set of problems as you try to do things the hard way) ;)

Mulsiphix
01-29-2008, 12:30 PM
I purchased a dedicated server once and went with Debian. I was quite pleased with it although I had to use a ton of tutorials to get what I wanted accomplished. Without a GUI I tend to multitask horribly. I know quite a few GUI's are available for Linux but I've only attempted to set it up on my home PC a couple different times. Honestly if Microsoft stops supporting XP when the next Windows version comes out and I have to choose between it and Vista (and I'm not happy with either) I will most likely be changing to linux. I'm currently not a fan of Vista at all. It is a resource hog and a lot of the programs I currently enjoy have stability issues within it :o

tesral
01-30-2008, 01:59 PM
99% of security issues are due to ID10T errors or PBCAK failures.

Linix is more secure based on the entire *NIX model. Security is part of the kernal, not a paste on. However that still will not stop PBCAK or ID10T errors from cropping up.

I prefer Suse Linux myself. Unbuntu is too training wheels welded on.

Mulsiphix
01-30-2008, 05:27 PM
Unbuntu's claim to fame is its training wheels. Much like AOL *shutters*.

tesral
01-31-2008, 09:43 PM
Unbuntu's claim to fame is its training wheels. Much like AOL *shutters*.

Yea well some people need that. I have my head wrapped around YAST and more or less becasue of that stick with Suse. I don't like what Unbuntu does with root access.