Hi! I have some questions how to understand the usual security advices regarding file services and public networks. The usual scenario is a lan, with the internal servers (e.g. the file server), secured by firewall solutions, a dmz, with external servers like www or ftp, also secured with a firewall. Everybody tells you: isolate the fileserver from public networks, don't use smb or appleshare across the internet. Ok. But we have the following scenario: we are at university here, students want to acces data from the internet. So there must be some kind of internet access to the file server. Here are my questions: - Why do people run ftp servers to share files, but tell me that cifs(smb) and appleshare are "insecure" on public networks. Both encrypt passwords... and data is not encrypted in ftp, too (?). I is much simpler for users to use the same protocol (smb/applehare) in university networks and at home (and ftp doesn't keep type and creator information important for the mac-clients). - I don't want to have one external server and one internal. I'm almost sure that just the file I need when connecting from the outside will always be on the internal server than ;-), and how to explain our users that they have one account, but are to store data ont wo file servers... Is it the only solution to have one internal and one external file server, not connected? - If I really install a second external file server, what about linking it into the internal one? So I could create a subdir "internet_box" in users' home dir's, pointing to their nfs-mounted directories on the external server. So they could decide to make their files internet-accessable or not (some will have all their data on the external server, while seeing only one file server, while others who only work from university network won't use this directory at all). What about this scenario? How do you implement such installations? We are going to expand our students' computer lab soon, and I want to have a clear structure of servers and networks before. Thank You, CU, Lars. www.rechnerpool.com