Saturday, August 7, 2010

Securing your file transfer

Quite often we end up in a situation where we would like to transfer some files to a friend, or between our home and work laptops, but are worried about the security of the data being transferred. Using email is not possible, as it is usually unencrypted and limits the size of attachments. Personal torrents are also ruled out, as service providers may block torrent traffic, and many organizations don't allow torrent traffic from within their firewall to the outside world (you can actually get sacked if caught doing it!!). While I do agree that torrents are the best solution we could have, they are not much trusted by the general community.

Another solution would be to have FTP over TLS/SSL (secure FTP). But this would mean having to constantly adapt to changing IPs (unless you have a static IP), and still being available on the general internet as an FTP server. Any person with the right user ID and password could still FTP to your laptop.

However, I came across Comodo's (www.comodo.com) free Easy VPN software (http://easy-vpn.comodo.com/download.html), which provides the extra level of security we need. Combine this with any free FTP client/server software like FileZilla (http://filezilla-project.org/), and you are ready to go.

Basic Concepts,

What is VPN:- It is a private network which is layered on top of the internet. Simply put, it is a secret tunnel inside the internet which only those who have the key to the tunnel's door can enter and meet in. Bottom line, it is more robust than https and ftps. Organizations the world over trust their VPNs to allow their staff to "work from home". For more details (if you are interested, that is) you may read the wiki article on VPN (http://en.wikipedia.org/wiki/Virtual_private_network).

What is FTP:- It is a standard network protocol for transfer of files over TCP/IP based networks such as the internet (the VPN in our case) and LANs. For further reading, see the wiki article (http://en.wikipedia.org/wiki/File_Transfer_Protocol).


How to start,

So I guess you have two machines which need to talk. Decide which one will be the host and which one will be the client (both could be both, for that matter). Download and install Comodo Easy VPN. Log into this software, and create a user ID. To put things simply, this is just like any other chat client (Yahoo, GTalk, AOL, Skype etc.) but also provides the VPN feature. Other Easy VPN users can discover you and add you as a friend. Only people you accept as friends can connect to you (this is where security comes in). Comodo assigns a static IP address to each user. This will be displayed next to your user ID.

Repeat this installation on the second machine. Add each other as friends! So at the end of it, you would have machine 1 with static IP address A, and machine 2 with static IP address B. Type hello to each other to check if it is working (silly but important!).

Let's decide machine 1 will be the host, and machine 2 will be the client. Leave Comodo Easy VPN running on both machines. It should look something like this (I have erased details specific to me for security reasons):

Download and install FileZilla server,

 on machine 1. I would recommend a full installation, with the manual start setting (that is, the FTP server is installed as a service, and does not auto start with either Windows startup or user login; it has to be started explicitly). The next step is very important. Since you have installed Comodo VPN, you would typically have the following IP addresses (or something like these) allocated to machine 1. (You can check this by running the "ipconfig" command from the command prompt in Windows.)

127.0.0.1 default IP for local in windows
192.168.1.* default IP for your machine on your LAN / Wifi
A dynamic IP provided by your service provider
The static IP address A from Comodo, which will be something like 5.*.*.*.

Customizing FileZilla server ,

Start the FileZilla server, go to Edit -> Settings and change the following options:

1) IP Bindings. By default, FileZilla server will accept connections on all of the IP addresses listed above. Change this to only IP address A, so that the FTP server is reachable only through the VPN.


2) Create a user account for accessing the FTP


3) Set a Shared Folder, and set it as Home Directory.

4) Start the server, by clicking on the bolt icon.
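
One way to confirm that the IP binding from step 1 took effect, as an added example that is not part of the original post: the script parses `netstat -an` output and reports whether the FTP port is listening only on the VPN address. The sample output, the script name and the address 5.10.20.30 (standing in for IP address A) are constructed for illustration.

```python
import re
import sys

# Constructed sample of Windows `netstat -an` output (not from the original post).
# 5.10.20.30 is a made-up stand-in for "IP address A" (the Comodo VPN address).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    5.10.20.30:21          0.0.0.0:0              LISTENING
  TCP    192.168.1.5:139        0.0.0.0:0              LISTENING
  TCP    192.168.1.5:50112      203.0.113.7:443        ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
"""

# Matches listening TCP sockets; handles IPv4 and bracketed IPv6 local addresses.
LISTEN_RE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\b", re.IGNORECASE)


def ftp_listeners(netstat_text, port=21):
    """Return every local address that has a TCP listener on `port`."""
    found = []
    for line in netstat_text.splitlines():
        m = LISTEN_RE.match(line)
        if m and int(m.group(2)) == port:
            found.append(m.group(1).strip("[]"))
    return found


def check_binding(netstat_text, vpn_ip, port=21):
    """Compare the FTP listeners with the intended VPN-only binding.

    Returns (status, offending_addresses) where status is one of
    "not-listening", "vpn-only" or "exposed".
    """
    listeners = ftp_listeners(netstat_text, port)
    if not listeners:
        return ("not-listening", [])
    # 0.0.0.0 / :: mean "all interfaces": LAN and ISP addresses included.
    exposed = [addr for addr in listeners if addr != vpn_ip]
    return ("exposed", exposed) if exposed else ("vpn-only", [])


if __name__ == "__main__":
    # Pipe real output in (netstat -an | python check_ftp_binding.py <IP A>),
    # or run with no arguments to evaluate the constructed sample.
    text = SAMPLE_NETSTAT if len(sys.argv) < 2 else sys.stdin.read()
    vpn_ip = sys.argv[1] if len(sys.argv) > 1 else "5.10.20.30"
    print(check_binding(text, vpn_ip))
```

A result of "exposed" with 0.0.0.0 in the list means the default all-addresses binding is still active and the server is also reachable from the LAN and the ISP-assigned address.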


These were pretty much the basic steps for the host machine. Now for the client.


Download/Install/Customize the FileZilla client,

on machine 2. (I am assuming Comodo Easy VPN is up and running, and user @ Machine 2 is already friends with user @ Machine 1.) Start the client. Enter the connection details: IP address A, and the user ID and password created in step 2 on machine 1. Then click on the "Quickconnect" button.

If all went well, this will establish the connection, and you will be ready to transfer files. The home directory set in step 3 will be displayed as root "/" in the "Remote Site" box. You can browse in this location to make file transfers happen (depending on the level of permission granted by the server during step 3. Did you notice the check boxes back there?).

The steps described above are specific to Windows OS and the software prescribed. However, you may set up your own solution on Windows / Mac / Linux platforms using similar software available on the internet.

Possible problems you could run into,

Comodo Easy VPN would need to be able to add exceptions to your firewall. Since I have firewall software from Comodo, I did not face any issues. But other firewalls may block and/or cause problems with Comodo Easy VPN. For any troubleshooting, you may contact Comodo Support (it's free!) by registering at https://support.comodo.com/

The FileZilla FTP server would also need to add exceptions to your firewall, and you would need to allow incoming FTP requests from clients. If there seems to be a problem, you can ask for help at http://forum.filezilla-project.org/

And in the end, I would recommend going through the help section of your firewall software as well, to check how to change settings for FTP and VPN connections.

Hope this article was precise and will help you in setting up an FTP over VPN network.

Did I miss any obvious information,

If so, then please leave a comment, and I will try to put that detail in here.

Credits / Disclaimer,

All software discussed in this post is the copyrighted product of its respective supplier/vendor. This post was not aimed at promoting or reviewing these products. Any harm caused by using this software / following the steps outlined in this post will not be the responsibility of the Author of The Dark Book. Please make sure you understand what you are doing before you attempt to set up an FTP over VPN network, especially when you play with your firewall settings. If you need to transfer data between your home and work laptops, then it would be best (rather advised, and sometimes compulsory) to use software approved by your organization.

Switched to Fadnis.org

Finally tried my hand at something I have been trying for so long: getting a custom domain name, and moving my blogs and email on to this new address.
 
Migrating from wordpress was the worst thing I had to ever do (I had ditched blogger in the past for a wordpress.com account). But blogger's solution combined with google apps is by far the cheapest combination I could find on web for getting a custom domain with privacy protection, and making it work with a blogging website and email application.
 
I would like to thank the application developers of the website http://wordpress2blogger.appspot.com/, for this made the transition from wordpress to blogger quite easy. I could at least retain all my text, comments, posts and pages. The only loss is of the wordpress images, which are no longer accessible as I deleted my wordpress blog. But there's always a learning curve with something new that you try :-) I still have all those images on my hard disk, and may as well go and edit the 100 odd posts to make the images work anew.
 
The next challenge is to switch to my new email id (still haven't finalized what it shall be). I am having second thoughts as to why I should be doing it, and whether there would be any advantages in doing it.
 
After I sort all this out, I am going to try my hand at wordpress.org web hosting (not wordpress.com) using a free web host, www.zymic.com. Thanks to www.HUKD.com (Hot UK Deals), I was able to locate the reference to this free web host. With limited bandwidth, 3-5 free MySQL databases and no ads, this looks to be quite a package for a hands-on at wordpress.org hosting.
 
The bottom line: http://darkbook.wordpress.com has been moved to http://sidsdarkbook.fadnis.org

Friday, August 6, 2010

It happens only in India

KFC advertising its finger lickin good "Veg Zinger Burger" in prime time slots on TV, just to beat McDonalds. I just lost my respect for KFC.