Solved

Is it possible to encrypt CIFS?

Posted on 2007-11-20
5
2,752 Views
Last Modified: 2013-12-04
Is it possible to encrypt CIFS. From what I've read CIFS uses 445, opposed to typical smb which uses 139 and some other standard ports. Is there anyway to encrypt this like ssh? I would like to be able to setup encrypted file sharing between desktops and servers.
0
Comment
Question by:WinPE
  • 2
  • 2
5 Comments
 
LVL 31

Assisted Solution

by:Toni Uranjek
Toni Uranjek earned 200 total points
Comment Utility
Hi!

You can implement IPSec: http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/prork/prcc_tcp_gebv.mspx?mfr=true

In domain environment you can use predefined Secure Server rule on servers and Client rule on clients. Predefined rules will use Kerberos as authentication method. I would advise that you do not enable IPSec on servers which hold multiple roles, e.g. domain controllers.

HTH

Toni
0
 

Author Comment

by:WinPE
Comment Utility
Well this is mainly so that I can connect some of our development windows desktops to our production servers. Desktops and Servers are on two dif networks. So I need some way to encrypt the file sharing process other than ssh? I cant setup ipsec tunnels from every desktop to every server.
0
 
LVL 31

Expert Comment

by:Toni Uranjek
Comment Utility
Why you can't setup tunnel from every desktop to server? If this is domain environment you can use Group Policy to assign IPSec policy. You would need two OUs, one for desktop and one for servers and two GPO with different IPSec policy settings.

Are you concerned that traffic between desktops and servers can be intercepted?
0
 
LVL 19

Accepted Solution

by:
SteveH_UK earned 300 total points
Comment Utility
If you are talking about a remote network scenario, have you considered implementing a VPN?

VPN features are built in to Windows, so there isn't a cost issue.

You should use LT2P/IPsec for a secure service, but PPTP is also acceptable in many circumstances.
0
 

Author Closing Comment

by:WinPE
Comment Utility
Thanks Guys for the help.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now