Quote:
Is it possible to set up a totally secure network and NAS, yet still have the data stored thereon accessible via the internet ?
|
No way. A totally secure system is one that is unplugged from any network and encased in cement. No joke.
It's difficult to answer your question without knowing more details. At a glance I'd suggest setting up a ssh server and following some basic points:
1. Allow only pubkey authentication.
2. Disable ssh protocol version 1.
3. Disallow root login via ssh.
4. If your remote user will always be connecting from the same IP or network, restrict access using iptables/netfilter and tcp_wrappers.
5. Tell it to listen on a non-standard port. (e.g. 55)
That, and your vigilant monitoring, will make it very secure. From there, enable the sftp subsystem and let the user access the data that way. I believe there are even some nice, pretty GUI frontends for sftp.
Encrypting the data on the server is your last line of defense in this case. Be thinking about restricting access to the server first.