Use the windows service so the actual stages in the process remain
disconnected and therefore less vulnerable, hence the FTP on a different
port with a different set of credentials to the asp account.
You could use the file IO class if the service was running with enough
permissions to map to the remote server. For security howver file paths are
more vulnerable. For IO, you would be more secure doing a one way read only
file pull from server 2 to server 1.
If you used asp.net to save the posted file to another server you would
likely be running the asp.net process with enough permissions on the account
to mount a share on the remote machine - if that account gets compromised
the hacker has the permissions to mount the remote server too. This is less
secure but probably as easy to implement.
--
Regards
John Timney
Microsoft Regional Director
Microsoft MVP
"Pat Carden" <pc*****@bellsouth.nospam.net> wrote in message
news:eH**************@TK2MSFTNGP10.phx.gbl...
1. So use a Windows service so authentication is not a problem?? Please
confirm this is the reason for the Windows service.
2. Could the Windows service use the File.IO class to move the file from
Server1 to Server2?
"John Timney (Microsoft MVP)" <ti*****@despammed.com> wrote in message
news:up**************@TK2MSFTNGP09.phx.gbl... Accept the upload on server 1, either with upload to an aspx page or via
a webservice. Then use a windows service to FTP the file to server two
(find
a secure ftp client to automate if you need to). Dont allow the ftp
port through the firewall and that way you only have port 80 open at your
public
side, and its hard to hack through port 80 to another port on a
different machine if you have your machines well patched.
--
Regards
John Timney
Microsoft Regional Director
Microsoft MVP
"Pat Carden" <pc*****@bellsouth.nospam.net> wrote in message
news:eN**************@TK2MSFTNGP10.phx.gbl... Hi,
We need to allow webusers to upload a file on our website (on Server3,
all
servers run Server 2003, remotely hosted) and eventually save it on our
SBS Server (Server2) which is not exposed through our firewall. We have
another server (Server1) within the SBS domain that is exposed through port 80
of the firewall on which we host some web services and images.
What is the best architecture for getting the file from the remotely
hosted web site (Server3) to our SBS Server (Server1). We have a 3.5mbs
connection. I had intended to use a webservice to receive a stream
from the HTMLInputControl and save that but there seem to be some security
issues I
don't know how to overcome. My best alternative so far is to redirect
the
upload to my Server 1 and save the file using the File1.SaveAs method.
Then use a FileSystemWatcher to move the file to Server2.
Any suggestions would be greatly appreciated. Thanks,
Pat