# Samba share over internet secure?

## bastibasti

I have to make a samba share available to 3 groups of people over the internet. VPN is not  recommended. is Samba fairly secure or should I rather leave it?

----------

## ToeiRei

If I were you I wouldn't do it.

----------

## elgato319

Just leave Samba out of the intenet.

You need them to download some files quickly: use http

You want the to be able to upload something: use ftp (you can use IE to access FTP, uploading will work via drag and drop)

----------

## Cyker

It is almost completely unsecure.

LAN-oriented stuff like that should really be run over a VPN on some other encrypted tunnel.

Ideally you'd use some sort of SFTP thing instead with a virtual mount point...

----------

## ToeiRei

if you are using linux, you might want to check out the sshfs stuff which is a fuse-filesystem utilizing the sftp service. If you are using win32, you might want to check out winscp(.net)

----------

## bastibasti

they are trying to work on 1 file over the internet. the file is a M$ excel file. using a samba share they would get "user x.y is currently working on this file..."

I think i will look at ftp, as ftp is already set up on the server. I was just wondering whether there is a better way.....

----------

## Hu

If these people are hopeless Windows users, you could set up a proper revision control system and require that the file be locked before they begin editing it, and unlocked when they check it in.  That may be overkill, but it would communicate the locking between peers and let you recover in case someone accidentally trashes the file.  Most modern RCSs support some form of secure transport, so the file and associated metadata could be encrypted in transit.  Subversion supports using ssh or WebDAV over HTTPS for encrypted connections.

If I may ask, what network topology brings you to this point?  Specifically, why are these people operating out of remote offices where there is no secure connection back to the home office?  Even worse, who let these people run Windows out of such an office?

----------

## Cyker

TBH, ftp isn't a whole lot better (Transfers are still unencrypted) but I am under the impression exposing ftpd to de Internetz is less risky than exposing Windows filesharing and SaMBa to the same...

----------

## GNUtoo

samba+ssh is possible...

just tell them to insstall putty and to use the port fowarding option

but mabe the version conrtol are better than samba...

mabe you should look or make frontends for windows or use cygwin to get theses frontends

----------

## bastibasti

Basically it 3 non-interlinked offices but all 3 have to work on one xls file. Its not massive work, and because they are in different time-zones it is unlikely that they work on the file at the same time.

----------

## revertex

I'm sorry for ressurect this old thread, but it may have use as reference.

there is a package called "Unix tools for Windows" you can grab it in microsoft website, and setup a nfs share linux <=> windows.

It's pretty safe and esasy to configure.

there is a lot of others free and commercial alternatives, like (opensource) copssh for windows, or (commercial) sftpdrive.

----------

## thecooptoo

use googledocs ?

----------

