Solved

copy data securely in Windows.

Posted on 2013-01-12
6
226 Views
Last Modified: 2013-02-01
Hi,

I need to create an automate job to copy some sensitive data from one Windows 2k8 server to the other securely.  

Can someone please advise a way to do this?
0
Comment
Question by:nav2567
  • 3
  • 2
6 Comments
 
LVL 9

Expert Comment

by:sognoct
ID: 38769858
are the two server on the same lan ?

if they are not on the same lan best way is creating a vpn between the two lan and transfer with just a batch "copy"
0
 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 38770040
there are lots of ways to do this, with the one from sognoct being a valid solution.
equally valid are:

1) running a dedicated network cable between the two (or ensuring they are on the same physical switch, and have static MAC assignments)
2) use an existing or install a new service that supports encryption (such as a https or sftp server)

those (and the answer from sognoct) match the same solution in general - protect the means of transmission, then move the data across that protected method

if the data is in a database, you can often obtain encrypted data access using an x509 certificate (ms sql server supports this, for example) which amounts to the same thing :)

3) encrypt the data, move insecurely, decrypt the data at receipt.

this is the alternate solution - you can trivially script encryption and decryption, then it doesn't matter which protocol you use to move the data.
0
 

Author Comment

by:nav2567
ID: 38771735
Both my source and target servers are Windows 2008.

I am exploring WSCP but it does not seem to be able to do this.  Please let me know if this is not correct.

If I choose to encrypt the data and copy, is 7ZIP secure enough?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 33

Expert Comment

by:Dave Howe
ID: 38772434
wscp requires a backend ssh server, or sftp server - you don't get either of those "out of the box" with windows 2008 - you could install that (http://www.freesshd.com/) if you wish.

7-zip is a really good example of password protected AES software - I usually recommend it for one-shots, but it will work fine for multiple instances too (you can run 7zip from a script) - note that good cryptographic practice is *not* to repeat the use of a password, so you may need to have some sort of password schedule (not an issue if you are using openssl or gpg for your encryption, as those two methods use a hybrid encryption system that automatically uses different keys each time).
0
 

Author Comment

by:nav2567
ID: 38775859
I have installed GPG for Windows and encrypted and created some gpg files.  

I used the gpg --armor --output "key.txt" --export "myname" command to create a public key.  I then copy the key to another machine with the same software installed and use the pgp --import "key.txt" command to import the key.  

I then use the gpg --decrypt-files "c:\test\file1.txt.gpg" command to decrypt the file and get the "description failed: No Secret Key" error message.

Am I missing anything?

Please advise again.  Thanks.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 38777425
you need the secret key (not public key) to decrypt. if you encrypt on the machine with only the public key (key.txt) you can decrypt that on the machine that has both secret and public keys on it.

GPG4WIN should come with a gui key manager to make import and export easier, or just copy the keyring files across (pubring.gpg and secring.gpg)
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Adoption of Microsoft’s Enterprise Mobility and Security solution and Office 365 will re-order the File Sync and Share market Microsoft has stated that its Enterprise Mobility + Security (EMS) is the fastest growing product in the history of the …
Pop culture is prime bait for hackers seeking to infect user’s computers and mobile devices with malicious malware. Hackers know exactly what the latest trends are online and know how to use them to their advantage.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now