Re: Shared drives through a firewall

Jim Harrison wrote:
> You might consider using FTPS or SSH connections; they're relatively
> secure, depending on the server/client package you select.

Webdav is under-promoted in these scenarios - it's built on top of a 
well-understood and easily securable protocol (http), and it has great 
crossplatform support. Webdav allows access either via a webdav client 
that supports writing (windows explorer and gnome/nautilus both do this, 
and OSX/KDE/$desktopofchoice probably do too) or a standard http client 
(ie, lynx, firefox). It supports well-understood mechanisms to encrypt 
traffic (TLS/SSL) and authenticate users (http basic auth).

It has good application layer support from a wide variety of reverse 
proxy/firewall products (including ISA) designed for protecting web 
traffic if you choose to expose it externally.

It's also fairly difficult to distinguish from a regular webserver, so 
it's far less likely to draw attention from attackers than opening up 
SMB ports, particularly if you had a webserver running anyway.

There's also been webdav support in IIS and in Apache for quite some time...

 - James.

--
  James (njan) Eaton-Lee | UIN: 10807960 | http://www.jeremiad.org

  "The universe is run by the complex interweaving of three
  elements: Energy, matter, and enlightened self-interest." - G'Kar

 https://www.bsrf.org.uk | ca: https://www.cacert.org/index.php?id=3
--

smime.p7s
Description: S/MIME Cryptographic Signature