How to design a secure file transfer application ?

Discussion in 'Computer Security' started by George, Aug 5, 2003.

  1. George

    George Guest

    I have various design options for a secure file transfer application.
    Basically I have a Win2k service (running on Box A) that needs to access
    some files located on another Win2k box (box B) on the same network (same
    Windows 2000 domain).

    My question is what are the pro and cons of having the files transferred
    using simple file copy versus a Winsock communication solution for
    transfering the files between the two boxes ? Which option is easier to
    secure and at the same time more robust and reliable ?

    I am leaning towards using the simple file copy:
    In this case, the files would sit on a share for which only a specific
    domain user would have read access. The service on box A would run as
    LocalSystem account and would impersonate the domain user, access the files
    and then revert to self. The application would need to store the
    credentials for the domain user. (Any suggestions how to store secrets in
    Windows 2000 ?)

    Thanks,

    George
    George, Aug 5, 2003
    #1
    1. Advertising

  2. George

    ASMdood Guest

    On Tue, 05 Aug 2003 05:24:38 GMT, "George" <>
    wrote:

    >I have various design options for a secure file transfer application.
    >Basically I have a Win2k service (running on Box A) that needs to access
    >some files located on another Win2k box (box B) on the same network (same
    >Windows 2000 domain).
    >
    >My question is what are the pro and cons of having the files transferred
    >using simple file copy versus a Winsock communication solution for
    >transfering the files between the two boxes ? Which option is easier to
    >secure and at the same time more robust and reliable ?
    >
    >I am leaning towards using the simple file copy:
    >In this case, the files would sit on a share for which only a specific
    >domain user would have read access. The service on box A would run as
    >LocalSystem account and would impersonate the domain user, access the files
    >and then revert to self. The application would need to store the
    >credentials for the domain user. (Any suggestions how to store secrets in
    >Windows 2000 ?)


    George,

    SSH and SCP are your friends.
    ASMdood, Aug 6, 2003
    #2
    1. Advertising

  3. George

    joe Guest

    f-secure ssh, run it with the scheduler service for a 'cron' like automated
    dump. works fine, lasts along time. scp from one box to another

    HAL

    ASMdood wrote:

    > On Tue, 05 Aug 2003 05:24:38 GMT, "George" <>
    > wrote:
    >
    > >I have various design options for a secure file transfer application.
    > >Basically I have a Win2k service (running on Box A) that needs to access
    > >some files located on another Win2k box (box B) on the same network (same
    > >Windows 2000 domain).
    > >
    > >My question is what are the pro and cons of having the files transferred
    > >using simple file copy versus a Winsock communication solution for
    > >transfering the files between the two boxes ? Which option is easier to
    > >secure and at the same time more robust and reliable ?
    > >
    > >I am leaning towards using the simple file copy:
    > >In this case, the files would sit on a share for which only a specific
    > >domain user would have read access. The service on box A would run as
    > >LocalSystem account and would impersonate the domain user, access the files
    > >and then revert to self. The application would need to store the
    > >credentials for the domain user. (Any suggestions how to store secrets in
    > >Windows 2000 ?)

    >
    > George,
    >
    > SSH and SCP are your friends.
    joe, Aug 7, 2003
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.

Share This Page