How to design a secure file transfer application ?

I have various design options for a secure file transfer application.
Basically I have a Win2k service (running on Box A) that needs to access
some files located on another Win2k box (box B) on the same network (same
Windows 2000 domain).

My question is what are the pro and cons of having the files transferred
using simple file copy versus a Winsock communication solution for
transfering the files between the two boxes ? Which option is easier to
secure and at the same time more robust and reliable ?

I am leaning towards using the simple file copy:
In this case, the files would sit on a share for which only a specific
domain user would have read access. The service on box A would run as
LocalSystem account and would impersonate the domain user, access the files
and then revert to self. The application would need to store the
credentials for the domain user. (Any suggestions how to store secrets in
Windows 2000 ?)

Thanks,

George

George

On Tue, 05 Aug 2003 05:24:38 GMT, "George" <>
wrote:

>I have various design options for a secure file transfer application.
>Basically I have a Win2k service (running on Box A) that needs to access
>some files located on another Win2k box (box B) on the same network (same
>Windows 2000 domain).
>
>My question is what are the pro and cons of having the files transferred
>using simple file copy versus a Winsock communication solution for
>transfering the files between the two boxes ? Which option is easier to
>secure and at the same time more robust and reliable ?
>
>I am leaning towards using the simple file copy:
>In this case, the files would sit on a share for which only a specific
>domain user would have read access. The service on box A would run as
>LocalSystem account and would impersonate the domain user, access the files
>and then revert to self. The application would need to store the
>credentials for the domain user. (Any suggestions how to store secrets in
>Windows 2000 ?)

George,

SSH and SCP are your friends.

ASMdood

f-secure ssh, run it with the scheduler service for a 'cron' like automated
dump. works fine, lasts along time. scp from one box to another

HAL

ASMdood wrote:

> On Tue, 05 Aug 2003 05:24:38 GMT, "George" <>
> wrote:
>
> >I have various design options for a secure file transfer application.
> >Basically I have a Win2k service (running on Box A) that needs to access
> >some files located on another Win2k box (box B) on the same network (same
> >Windows 2000 domain).
> >
> >My question is what are the pro and cons of having the files transferred
> >using simple file copy versus a Winsock communication solution for
> >transfering the files between the two boxes ? Which option is easier to
> >secure and at the same time more robust and reliable ?
> >
> >I am leaning towards using the simple file copy:
> >In this case, the files would sit on a share for which only a specific
> >domain user would have read access. The service on box A would run as
> >LocalSystem account and would impersonate the domain user, access the files
> >and then revert to self. The application would need to store the
> >credentials for the domain user. (Any suggestions how to store secrets in
> >Windows 2000 ?)
>
> George,
>
> SSH and SCP are your friends.

joe