Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Best/Secure P2P File Sharing Solution?

Posted on 2004-04-01
Last Modified: 2013-12-04
I'm looking for an easy, yet safe way to share a couple of files with a friend of mine. We run a server (I am the webmaster, he has no clue about technical stuff) and host a couple of websites that we both live from. I want to be able to place important files (program files, how-to instructions, passwords, etc.) into a shared folder so he has access to all the relevant information when I'm not around. His machine runs Win98, mine Win2k - please note that these are just private computers, NOT servers.

One idea was to use the Microsoft Network Client to set up a real shared folder that we both have access to. The downside to this might be that - in general - it might not be a good idea to open up a private computer to networking at all if this can be avoided. (I would assume that this generally increases vulnerability, as opposed to a machine that is GENERALLY not supposed to be accessed from the outside.)

The other idea was to simply email him all this information and have it automatically sorted to some special folder within Outlook Express. (Outlook Express however isn't regarded as a safety haven either, and I would assume that information that is stored within OE is more in danger than information stored elsewhere on the computer - just thinking of possible viruses that just grab random mails and forward them to random users. Or am I wrong here?)

Some input/opinions would be appreciated! If you were in my situation, would you favor one of the two solutions, or do you have a different idea? (Please keep in mind that a solution should be simple and convenient above all, security is an issue - and the reason for this post - but we are not a Swiss bank.) Thanks!
Question by:yosmc
LVL 12

Expert Comment

ID: 10732276
Step-by-Step Guide to Public Key Features in Outlook Express 5.0 and Above - Short white paper from Microsoft on configuration ofOutlook Express 5.0 with regards to the use of certificates and encryption/signing of mails. 2 pages.

Expert Comment

ID: 10742374
Something I'm not clear on:  You said you're running a web server, right?  Is that a public webserver running with a server OS, a public web server running off your 2kpro box, or a private web server on your 2kpro box on your network that you both share?  A little more info on that web server and whether you 2 are on the same network would be helpful.
LVL 38

Expert Comment

by:Rich Rumble
ID: 10747646
Could of sworn I posted here already... anyway IPSEC tunnels between your windows boxes. Email can have a limit to the size of the attachment you send, and it's plain-text. You could use winzip and encrypt the attachement, but I think you'll find ipsec a safe and secure connection, basically an encrypted tunnel between your friend and you,.
http://www.securityfocus.com/infocus/1528 (more links at the bottom of that page)
www.checkpoint.com/products/smallbusiness/ downloads/safe@_ms_vpn.pdf
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.


Author Comment

ID: 10747678
Werewolf, forget about the server - I was just trying to provide some background info, but the part about the server was misleading, sorry. What I'm trying to do here is between two Windows PCs that are NOT servers.

Tryware, I'm not sure if your approach really helps me. I'm not that concerned about the transfer of the data. We use secure pop and secure smtp, and while I'm aware that that's not perfectly safe, I would assume that it's safe enough for our purposes. What I'm more concerned about is the safety of the data once it's lying in an Outlook Express folder. Again, maybe that's not justified, but that's exactly one of the things I'm trying to find out. :)
LVL 12

Expert Comment

ID: 10747734
> "  What I'm more concerned about is the safety of the data once it's lying in an Outlook Express folder"

That's exactly what http://www.microsoft.com/technet/prodtechnol/windows2000serv/howto/pubkeyox.mspx is about. There are 2 options in this: Digitally sign AND/OR encryption

9.  If you want to encrypt all e-mail that you send, select the Encrypt contents and attachments for all outgoing messages option.
***end of quote***

LVL 12

Expert Comment

ID: 10747795
Maybe consider this, but create a guest user for your friend.

Remote Desktop Web Connection 5.2.3790

You must be using Internet Information Services (IIS)


Author Comment

ID: 10747848
Richrumble, if I get you right, you are basically suggesting to go for the VPN/Microsoft Network Client approach, but to make sure that both computers run Win2k so the safer L2T Protocol can be used?

Tryware, I've re-read the document you provided, but to me it's still about encrypting a mail message for transfer and decrypting it on the other side. Sorry if I'm getting someting wrong here.

Wouldn't Remote Desktop Web Connection punch a larger hole into the security of my machine than the other approaches would, given the fact that I just want to share a couple of files?
LVL 12

Expert Comment

ID: 10749074
>"What I'm more concerned about is the safety of the data once it's lying in an Outlook Express folder"
>"but to me it's still about encrypting a mail message for transfer and decrypting it on the other side"

When you encrypt your emails and attachment in outlook express, you gets the same done to the files in the outlook express folders (I'm not talking about NTFS Encrypting File System)

LVL 12

Expert Comment

ID: 10749111
>"Wouldn't Remote Desktop Web Connection punch a larger hole into the security of my machine"

A hacker just wants to get access to your network connection card (NIC). That done through your internet connection, your computer is always vunerable in many different ways. Some of them are easy for you to deal with and others are difficult.

Using ipsec as RICHRUMBLE commented, or encrypting your email is the best solutions, because they use 128 bit encryption.

Remote Desktop Web connection could be vunerable, because it's your username and password policy, that stops the hacker.
LVL 12

Expert Comment

ID: 10749125
If you DO NOT NEED to share files across the Internet

Getting a personal Firewall

Download the free version of Sygate personal firewall

Download the free version of ZoneAlarm firewall

Comparative reviews of personal firewall software:

Firewall Product Selector - Choose yourself which one to compare

The Internet Connection Firewall Can Prevent Browsing and File Sharing

LVL 12

Expert Comment

ID: 10749133
Security Features of Internet Connection Sharing

Sygate free scanning your security: quick, stealth, trojan, tcp, udp, icmp

One Usage of the HACKYOURSELF scan: TCP Scan (65534 ports),UDP scan (800+ ports), and Netbios Scan

Shields UP! quickly checks the SECURITY of YOUR computer's connection to the Internet.

Port scan.. Get an instant security analysis now. You dont even need to know your own IP address!

LVL 12

Expert Comment

ID: 10749178

Author Comment

ID: 10764746
> When you encrypt your emails and attachment in outlook express, you gets the same done to
> the files in the outlook express folders (I'm not talking about NTFS Encrypting File System)

Do you happen to have some more information on this? Because it doesn't explicitly say so in the document you provided, and I'm a little worried about losing/breaking my key and not being able to access my own email anymore. ;)

The stuff on http://grc.com/su-fixit.htm is basically the reason for this thread - I've read MANY times that "Client for Microsoft Networks" is a huge security hole. Now if it's something that I needn't worry about as long as I have a firewall (I use Zone Alarm) I still have no clue.

Does anyone have experience with Microsoft's IPSEC client for Win98? Because as I said, my friend uses Win98, so IPSEC tunneling won't work - at least not out of the box.


Accepted Solution

Computer101 earned 0 total points
ID: 11472167
PAQed, with points refunded (250)

E-E Admin

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question