Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
this mornings ?... sheesh... I luv this linux?.org thing...
anyhow... I have a three legged firewall set up... a DMZ webserver on its own intra-network and a seperate LAN intra-network. On my LAN I can SAMBA from a windows development box to a Linux box and store files where I want them (this is to file developed Dreamweaver html etc)... so far ok.. now ?
Choice #1 might be to do the same thing to the webserver box... i.e tunnel thru from the Windows development box to the DMZ webserver and put SAMBA on that webserver and then load the files directly... seems awful loose on security to me?
OR...
maybe SAMBA inside my LAN and then share the files over to the webserver form the Linux LAN box... might be a bit more secure if the permissions were careful, the iptables rules reviewed etc... even SSH might be useful I dunno?
I'd rather NOT put SAMBA on my nice tight DMZ webserver...
please enlighten me, ? which way do the "big boys" load developed pages & do this? or is there a third option better than either of these ideas?
yea, that sounds right to me...? might I get lucky and get a Windows version of open ssh for the developer box? called putty? or is there a better one?
Personally I would not allow access from your DMZ to your internal LAN. I would push the files from your LAN to the DMZ via sftp or scp. Because the servers in the DMZ allow partial public access, they are not fully trusted like computers on your LAN. Allowing inbound access to your LAN potentially compromises those systems if a system in your DMZ is compromised.
totally agree, and it took some time to get ANY security level going... so there in lies my? I prefer to not use FTP, supposed to be wide open... and the way might be to do a openSSH... wonder if this ~putty~ is any good? or is there a better one now? use the putty for the windows openSSH client... hmmm...? never looked at it. I can SAMBA to the Linux box on the LAN and then 100%+ safe just floppy the info to the webserver... but sheesh... kinda pathetic... so my thought is what do the huge websites do? do they SSH or SAMA or ? what?
P.Biter
sorta?secure but a little paranoid after reading a little. a little knowledge is a a dangerous thing huh.
Thanks much... U R 100% correct... by coincidence I was fumbling about on google, and I did download that exact pkg and yes, it is keen... still some unresolved issues on access and defining the server name etc... but yes that one works real good. your recommendation is on the money...
I have decided to "cheat"... the whole thing got another wrench thrown in Sunday, turns out Dreamweaver 4 does NOT like SSH of any kind... FTP etc... port 21 not 22 etc... ad nauseum.. so i have approached it from a totally different plan... but someday I will need to get on to the webserver from a distant windows box and winSCP is THE way.
thanks for the clue,
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.