Compare and Contrast Different Methods of Sharing and Storage
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
Already have an account? Sign In »
8 hours 53 minutes
welcome back to domain for networking, and we're now at Module 4.3.
Compare and contrast, different methods of sharing and storage.
So here we're going to look at sharing off files across the network, and we'll see that there's a variety of methods available. Http ftp and so on.
We'll talk about how files can be stored.
They can either be stored locally or hosted on remote servers.
We'll also talk about something called peer to peer networks
well, look at printing
both setting up local printers and setting up network printers and connecting two printers across the network.
File sharing was one of the first uses off computer networks,
and the benefits of file sharing include the following.
By sharing a file onto the network, the user can easily distribute, say, a document to multiple uses on the network.
They can allow collaboration on documents, so if a document is stored centrally somewhere on the network,
many different users can access it updated, make changes to it and so on.
You can also have a central location of the network where you store your files, and those could be easily backed up by, say, your network administrators,
and we could also use it to distribute applications to users or customers
these days. For example, many times when you're buying a new program and application,
you're actually using a download. So you're downloading off the Internet rather than purchasing a physical CD or DVD,
so that an example of using file sharing to distribute applications
and one of the most common uses of this or that people don't often think of this as file sharing is websites and Web pages.
Ultimately, a Web page is just a collection of files.
Your browser connects to the Web server, and it downloads all the parts that make up a particular page, and then it formats and displays that to you within the browser.
For example, if you see several pictures on a Web page, each is usually a separate file that has been downloaded from the Web server.
So there again, that's a former file sharing. That website is made up of a number of files, and those are that made available to anyone who connects to that website.
One thing you do have to worry about that when sharing files onto the network is security
now in order to keep things secure. You can set permissions whenever you share files. And those permissions can prevent unauthorized users from accessing the files, downloading them, opening them and so on.
Um, they can also be used to say what you can do with the file.
For example, I could use the permissions to say users can only read the file If it's a document, or if it's an executed ble, they can execute the file. But I can prevent them from making any changes to the files if I want.
The other thing to think about is this. When the file is being downloaded across the network,
is it protected?
Ideally, any file should be encrypted before it is sent across the network. So there is a malicious actor on the network whose may be capturing your network traffic.
They can't read the contents or what you're actually sending across the network.
If a file is encrypted, of course, at the other end, it is decrypted by the receiving system.
Most of the older protocols that were used for file transfers were insecure.
In other words, they did not encrypt files before sending them across the network,
and that is true of http, and it's true of FTP as well as we will see,
one of these simplest ways of downloading the file is to click a link on a webpage.
In that case, either http or https could be being used.
If http is being used, that is an unencrypted connection,
and the file that you download from the Web site travels unencrypted across the Internet.
Now, of course, that may or may not be a problem. If it's a public document you're downloading, then you don't care if somebody is reading the contents of the packets.
If it's an application you're downloading, you probably don't care either.
But what if it's a sensitive document that you're downloading? In that case, you would like it to be encrypted
now to ensure a secure download that is encrypted. You have to use https,
but the problem is
that you may not realize which is being used,
and normally you don't see a choice on a Web page like you never see a link that says, Here, this uses a cheeky P, and this other link over here uses https. We don't get that choice usefully.
So who is controlling that while whoever created the website, the owner of the website, decides whether that link is http or https,
Unfortunately, there is a way of finding out which protocol will be used on. We'll have a look at that next.
So here is a Web page that offers a download,
but instead of left clicking on it, I'm going to right click on the link
and then I'm going to copy.
It's a dress,
and then I'm going to paste it into note pad,
and if you look here, you'll see it's using H T T. P s.
So that would be a secure, encrypted download.
So now I can left click on it and it begins to download
now. One protocol that was commonly used for doing file transfers in the early days of the Internet was FTP file transfer protocol.
As you can see, it's been around since the 19 eighties,
and this was often used to download files from any server that was configured as an FTP server,
and in some cases you could also upload files to the FTP server.
One big advantage of FTP is it supported by a variety of operating systems. So for example, if my client computers running windows,
but the server right is you're running UNIX.
They're two completely different operating systems, but
they probably both support the use of FTP
so I could connect from the Windows machine to the UNIX machine, and I could download and upload files to it using FTP.
But FTP is insecure,
the files that you upload and download and the commands you send across the connection. I'm not encrypted,
if it requires you to log in
and you type in your username and password,
that also is set in plain text across the network. And in many cases that's actually worse, then the fact that the file is not encrypted because if your credentials are not encrypted, anybody who is snooping on the network using a tool like a packet sniffer that picks up and examines the contents of network packets,
they would actually see your log on name and your password in plain text within the appropriate packet.
So that's the big problem that not only are the contents of the file exposed as they travel across the Internet, but so your credentials, if you were required to log it
and a malicious user would have possibly captured that and be able to read the contents of the file and see your user name and password.
So one way about ING security to an FTP connection is to combine it with SSL
much in the same way as we combine. Http with that's a cell to give us a secure connection to a website,
F. T. P s is the use of ftp onda as a cell. Together,
this is a widely supported mechanism
and provides secure authentication and encrypted connections.
There is another alternative, and that is the use of secure shell with F d. P.
Secure Shell was originally designed to allow remote administration of UNIX servers, but in a secure, encrypted connection, so that too can be combined with FTP, in which case is referred to as sftp
rather than F. D. P s, which we saw in the previous slide.
So this now be extended to support file transfers,
and this is widely supported in the UNIX world. So it provides encryption. It provides secure authentication. In other words, it does not expose your credentials over the network
on is more flexible in terms of the commanded offers, then ftv ESTs.
So which should you use? Well, once again, just as with at http and https, it may not be up to you. Which one you use.
It is typically dependent on the FTP server that you're connecting to. It may either support as FTP or F T. P s, in which case you have to use whichever one it supports. Technically, though, sftp has an edge in the strength of the security mechanisms used if you do have a choice.