Best architecture - upload file and save on different server

"Pat Carden" <pc*****@bellsouth.nospam.net> wrote in
news:eN**************@TK2MSFTNGP10.phx.gbl:

What is the best architecture for getting the file from the remotely
hosted web site (Server3) to our SBS Server (Server1). We have a
3.5mbs connection. I had intended to use a webservice to receive a
stream from the HTMLInputControl and save that but there seem to be
some security issues I don't know how to overcome. My best
alternative so far is to redirect the upload to my Server 1 and save
the file using the File1.SaveAs method. Then use a FileSystemWatcher
to move the file to Server2.

Any suggestions would be greatly appreciated. Thanks,

Why don't you have Server2 or Server1 poll Server3 occasionally to see if
there are new files?

That way there are no incoming connections.

Accept the upload on server 1, either with upload to an aspx page or via a
webservice. Then use a windows service to FTP the file to server two (find
a secure ftp client to automate if you need to). Dont allow the ftp port
through the firewall and that way you only have port 80 open at your public
side, and its hard to hack through port 80 to another port on a different
machine if you have your machines well patched.

--
Regards

John Timney
Microsoft Regional Director
Microsoft MVP
"Pat Carden" <pc*****@bellsouth.nospam.net> wrote in message
news:eN**************@TK2MSFTNGP10.phx.gbl...

Hi,

We need to allow webusers to upload a file on our website (on Server3, all
servers run Server 2003, remotely hosted) and eventually save it on our SBS Server (Server2) which is not exposed through our firewall. We have another server (Server1) within the SBS domain that is exposed through port 80 of
the firewall on which we host some web services and images.

What is the best architecture for getting the file from the remotely hosted web site (Server3) to our SBS Server (Server1). We have a 3.5mbs
connection. I had intended to use a webservice to receive a stream from the HTMLInputControl and save that but there seem to be some security issues I
don't know how to overcome. My best alternative so far is to redirect the
upload to my Server 1 and save the file using the File1.SaveAs method. Then use a FileSystemWatcher to move the file to Server2.

Any suggestions would be greatly appreciated. Thanks,

Pat

Could you elaborate on polling the remote server and then on the techniques
used to move the file?
Pat

"Anon-E-Moose" <an**********@yahoo.com> wrote in message
news:Xn********************************@140.99.99. 130...

"Pat Carden" <pc*****@bellsouth.nospam.net> wrote in
news:eN**************@TK2MSFTNGP10.phx.gbl:

What is the best architecture for getting the file from the remotely
hosted web site (Server3) to our SBS Server (Server1). We have a
3.5mbs connection. I had intended to use a webservice to receive a
stream from the HTMLInputControl and save that but there seem to be
some security issues I don't know how to overcome. My best
alternative so far is to redirect the upload to my Server 1 and save
the file using the File1.SaveAs method. Then use a FileSystemWatcher
to move the file to Server2.

Any suggestions would be greatly appreciated. Thanks,

Why don't you have Server2 or Server1 poll Server3 occasionally to see if
there are new files?

That way there are no incoming connections.

1. So use a Windows service so authentication is not a problem?? Please
confirm this is the reason for the Windows service.
2. Could the Windows service use the File.IO class to move the file from
Server1 to Server2?

"John Timney (Microsoft MVP)" <ti*****@despammed.com> wrote in message
news:up**************@TK2MSFTNGP09.phx.gbl...

Accept the upload on server 1, either with upload to an aspx page or via a
webservice. Then use a windows service to FTP the file to server two
(find
a secure ftp client to automate if you need to). Dont allow the ftp port
through the firewall and that way you only have port 80 open at your
public
side, and its hard to hack through port 80 to another port on a different
machine if you have your machines well patched.

--
Regards

John Timney
Microsoft Regional Director
Microsoft MVP
"Pat Carden" <pc*****@bellsouth.nospam.net> wrote in message
news:eN**************@TK2MSFTNGP10.phx.gbl...

Hi,

We need to allow webusers to upload a file on our website (on Server3,
all
servers run Server 2003, remotely hosted) and eventually save it on our

SBS

Server (Server2) which is not exposed through our firewall. We have

another

server (Server1) within the SBS domain that is exposed through port 80 of
the firewall on which we host some web services and images.

What is the best architecture for getting the file from the remotely

hosted

web site (Server3) to our SBS Server (Server1). We have a 3.5mbs
connection. I had intended to use a webservice to receive a stream from

the

HTMLInputControl and save that but there seem to be some security issues
I
don't know how to overcome. My best alternative so far is to redirect
the
upload to my Server 1 and save the file using the File1.SaveAs method.

Then

use a FileSystemWatcher to move the file to Server2.

Any suggestions would be greatly appreciated. Thanks,

Pat

I was able to use the HTTPPostedFile.SaveAs method on Server1 to save the
file on Server2 with the path, "\\server2\filename", which I thought was not
allowed but it worked. So this seems like a simple and effective approach.
Any securitiy issues?

"John Timney (Microsoft MVP)" <ti*****@despammed.com> wrote in message
news:up**************@TK2MSFTNGP09.phx.gbl...

Accept the upload on server 1, either with upload to an aspx page or via a
webservice. Then use a windows service to FTP the file to server two
(find
a secure ftp client to automate if you need to). Dont allow the ftp port
through the firewall and that way you only have port 80 open at your
public
side, and its hard to hack through port 80 to another port on a different
machine if you have your machines well patched.

--
Regards

John Timney
Microsoft Regional Director
Microsoft MVP
"Pat Carden" <pc*****@bellsouth.nospam.net> wrote in message
news:eN**************@TK2MSFTNGP10.phx.gbl...

Hi,

We need to allow webusers to upload a file on our website (on Server3,
all
servers run Server 2003, remotely hosted) and eventually save it on our

SBS

Server (Server2) which is not exposed through our firewall. We have

another

server (Server1) within the SBS domain that is exposed through port 80 of
the firewall on which we host some web services and images.

What is the best architecture for getting the file from the remotely

hosted

web site (Server3) to our SBS Server (Server1). We have a 3.5mbs
connection. I had intended to use a webservice to receive a stream from

the

HTMLInputControl and save that but there seem to be some security issues
I
don't know how to overcome. My best alternative so far is to redirect
the
upload to my Server 1 and save the file using the File1.SaveAs method.

Then

use a FileSystemWatcher to move the file to Server2.

Any suggestions would be greatly appreciated. Thanks,

Pat

Use the windows service so the actual stages in the process remain
disconnected and therefore less vulnerable, hence the FTP on a different
port with a different set of credentials to the asp account.

You could use the file IO class if the service was running with enough
permissions to map to the remote server. For security howver file paths are
more vulnerable. For IO, you would be more secure doing a one way read only
file pull from server 2 to server 1.

If you used asp.net to save the posted file to another server you would
likely be running the asp.net process with enough permissions on the account
to mount a share on the remote machine - if that account gets compromised
the hacker has the permissions to mount the remote server too. This is less
secure but probably as easy to implement.

--
Regards

John Timney
Microsoft Regional Director
Microsoft MVP
"Pat Carden" <pc*****@bellsouth.nospam.net> wrote in message
news:eH**************@TK2MSFTNGP10.phx.gbl...

1. So use a Windows service so authentication is not a problem?? Please
confirm this is the reason for the Windows service.
2. Could the Windows service use the File.IO class to move the file from
Server1 to Server2?

"John Timney (Microsoft MVP)" <ti*****@despammed.com> wrote in message
news:up**************@TK2MSFTNGP09.phx.gbl...

Accept the upload on server 1, either with upload to an aspx page or via a webservice. Then use a windows service to FTP the file to server two
(find
a secure ftp client to automate if you need to). Dont allow the ftp port through the firewall and that way you only have port 80 open at your
public
side, and its hard to hack through port 80 to another port on a different machine if you have your machines well patched.

--
Regards

John Timney
Microsoft Regional Director
Microsoft MVP
"Pat Carden" <pc*****@bellsouth.nospam.net> wrote in message
news:eN**************@TK2MSFTNGP10.phx.gbl...

Hi,

We need to allow webusers to upload a file on our website (on Server3,
all
servers run Server 2003, remotely hosted) and eventually save it on our

SBS

Server (Server2) which is not exposed through our firewall. We have

another

server (Server1) within the SBS domain that is exposed through port 80 of the firewall on which we host some web services and images.

What is the best architecture for getting the file from the remotely

hosted

web site (Server3) to our SBS Server (Server1). We have a 3.5mbs
connection. I had intended to use a webservice to receive a stream from

the

HTMLInputControl and save that but there seem to be some security

issues I
don't know how to overcome. My best alternative so far is to redirect
the
upload to my Server 1 and save the file using the File1.SaveAs method.

Then

use a FileSystemWatcher to move the file to Server2.

Any suggestions would be greatly appreciated. Thanks,

Pat