RE: [tlug] network file system recommendations

[patrick.niessen@example.com]

> -----Original Message-----
> From: J. David Beutel [mailto:jdb@example.com] 
> Sent: Thursday, September 25, 2003 6:43 PM
> To: tlug@example.com
> Subject: [tlug] network file system recommendations
> 
> 
> At home, I'm using an old machine as a firewall and mail 
> server, as well as a web server and servlet container real 
> soon now.  I want another machine on my internal LAN to 
> incrementally backup the files from the firewall (to HDD 
> and/or CD-R/W) and run tripwire on them from time to time.
> 
> So I'm thinking of running a networked file system from my 
> firewall to my internal LAN.  Is this a reasonable strategy 
> (for convenience, security, etc)?  Should I use NFS, Samba, 
> or something else?  I'd like to have Samba on at least a 
> subdirectory, for when I occasionally use Windows, especially 
> on my little, old notebook.  But I want to limit worm access, 
> especially from Windows.  So I need to export most of the firewall's 
> directories read-only, and use protocols that are reasonably secure.

I recommend not running any of those services you mentioned on your
firewall, as they will make it more vulnerable.  INstead you can use scp or
sftp commands to download files through a secure connection (it uses the
secure shell protocol).  You may also want to look at rsync, which also uses
ssh to communicate.

Patrick