INTERACT FORUM
Devices => PC's and Other Hardware => Topic started by: benn600 on October 02, 2009, 04:34:22 pm
-
Does anyone know of a highly secured technique for sharing data across the internet -- just for me. Right now, I use my Windows share on my LAN but I would like to have complete access to my shared drive from anywhere across the internet. It needs to be very general and work over standard ports because in some locations, the firewall doesn't allow a variety of outgoing ports and protocols. The final piece is that it has to be a "mapped" type drive. FTP is a pain because I can't really just do a file > save as, which is what I would really like. A cache inline would help so if I save a file, it could get stored locally and uploaded in the background.
I've been looking for a great solution for this for a long time now.
-
to find a solution you're going to have to define what YOU mean by a few terms
highly secured
mapped drive
i/o requirements and available bandwidth
standard ports
-
How many of these solutions actually exist? I've thought about using VPN but have had trouble getting it to work -- possibly because some things are blocked on networks I've used.
Secured = SSL (not in the clear with very strong password so someone doesn't randomly stumble on my share and delete everything--although in my particular case I think Shadow Copy would save me even then).
Mapped Drive = not having to use an FTP client. Ability to actually navigate the drive to open from or save to in Word or any application.
I understand the limitations of bandwidth and will work with those once I can find a solution.
Standard ports--perhaps 8080. I suppose this could easily be mapped around as needed...just change port used by program.
-
In my view, you are indeed asking for a vpn setup. Time spent getting it to work and learning how to config an ssl vpn to use alternate ports (and encryption mechanisms and bandwidth management, etc) will be well spent.
-
VPNs are difficult for many people to setup and get working universally. It is a good solution.
Don't count out SSH connections with tunneled ports. This is extremely useful, and allows you to configure what you need. You can configure your server to operate on a non-blocked port too.
-
Is there an all in one ready to use product? I have used Hamachi and it is just about exactly what I need. Unfortunately, I think the last time I tried it I didn't have much luck on a network I am often using. Of course it felt a bit slow, too, but I understand that's my network connection's fault.
-
Steve Gibson http://www.grc.com/intro.htm (http://www.grc.com/intro.htm) is working on a Himachi killer. Don't know when he will release it but I suspect it will be excellent given his track record.
-
I should probably be listening to Security Now. I used to listen religiously from episode #1 and quite a ways in. I think he has been talking about it for a while.
-
Steve Gibson http://www.grc.com/intro.htm (http://www.grc.com/intro.htm) is working on a Himachi killer. Don't know when he will release it but I suspect it will be excellent given his track record.
Sigh... http://www.theregister.co.uk/2001/10/26/winxp_firewall_defeats_gibson_nanoprobes/
-
Perhaps I'm not fully understanding what is going on but why is this surprising? The Windows only blocks incoming traffic (stealth) and it does exactly what it should do! With it enabled, incoming traffic always has problems! So it's performing exactly as it should be. What am I missing?
-
Sigh... http://www.theregister.co.uk/2001/10/26/winxp_firewall_defeats_gibson_nanoprobes/
I was refering to SpinRite which I know from personal experience is a unique and amazing utility.
-
I was refering to SpinRite which I know from personal experience is a unique and amazing utility.
I hit a home run once...back in little league. :)
-
I was just trying to be helpful, I'll keep my mouth shut in the future.
-
I appreciate your comment rjm. I still think that article in 2001 is bogus. Makes no sense.
-
I appreciate your comment rjm. I still think that article in 2001 is bogus. Makes no sense.
It was sarcasm. There has long been criticism that S.G. is more marketing and braggart, and many claims are nonsense and products vaporware. Do some research and don't be fooled by nonsense such as "nanoprobes".
-
I skimmed through the article and never quite figured out what nanoprobes are nor have I ever heard that.
The point is that the article, in my glancing over it, appeared to prove exactly what S. G. and everyone else already know--the Windows Firewall successfully stealthed incoming ports. WOW! No surprise there! What's the point of the article???
-
If you just skim, you'll miss the details. It won't be a surprise then if you miss the point! :)
The point of the article was a sarcastic poke at SGs marketing nonsense, vaporware and over-hyped security threats. The Register is known for this form of tech humor.
NanoProbes are nonsense. SG made it up. His supposed product which would use this amazing technology, hand-coded in assembler, would be blindingly fast, and detect security threats in milliseconds. And, of course, it never materialized.
The word charlatan comes to mind.
-
I run a linux box for a firewall and it includes a VPN server that was easy for me to set up.
Uses standard PPTP client connection built into xp and vista.
I use it to copy files sometimes, though it isn't fast.
I've also connected to MC's library server connection through the VPN.
This way I don't have to open MC's port to the internet.
The linux box is a bootable cd distro that's stripped down to just firewall, vpn, and related services. Not even a gui desktop on the thing. Easily mananged via a web browser. PFSense and there's other similar ones.
You could also look for a used hardware vpn from cisco or sonicwall on ebay.