A Network issue

rupesh has asked for the wisdom of the Perl Monks concerning the following question:

Hello fellow monks!
Here's the picture,
I have, say 8 workstations in a network. All these machines are in DMZ(De militiarized zone). There is a perl script which runs on all these boxes and it creates a log file. Say the log file is populate.log file in a folder called reports

What I require is that, to get the text file from each of these boxes to my local drive. Will I be able to do the same using a socket-server connection (which I am not familiar with ) over a secure port for these boxes which are in dmz. If so, then what are the permissions and pre-requisites to perform the same. Otherwise, is there any other alternative?

I have tried ftp as well as creating a folder share, but ftp fails to do so from a box which is under DMZ, and i have to get special priledges for it, which I think would take quite some time.

Any help would suffice
Thanks for your time.

we're born with our eyes closed and our mouths wide open, and we spend our entire life trying to rectify that mistake of nature. - anonymous.
Comment on A Network issue

Replies are listed 'Best First'.
Re: A Network issue by esh (Pilgrim) on Aug 20, 2003 at 05:44 UTC
TomDLux mentioned ssh which is a great option. In particular you can use the scp program to copy files over ssh, or even use rsync over ssh. The ssh protocol solves the problem of deciding who to trust and it also encrypts your data transfer which can be a handy benefit. These programs tend to be pre-installed on modern Unix variants, or you can check out openssh. Unfortunately, I suspect you are on Windows since you used the term "folders". There seem to be ssh servers for Windows, but you'll have to ask others for recommendations on which one to use. Since the boxes you want to transfer the files from are in a DMZ, you will want to make sure you use an ssh connection from a trusted box to the DMZ boxes, even though the data transfer is going in the other way. It's ok for your DMZ box to trust your protected identity on a secure box, but it's not good for your internal box to trust the identity of an account on a box that is in danger of being compromized. Since you talk about getting "special privileges", it's not guaranteed that you'll be able to set up or connect to an ssh server. It sounds like you may need to talk to your network or sys admins and find out what they recommend for the data transfer. Other options include running a web server on each DMZ box and downloading the log files using the standard HTTP protocol. It could even be encrypted using SSL, but make sure that you configure the web server to not allow access from untrusted systems or you'll be publishing your private data to the world. If you want more help, you'll probably need to provide more details on your operating systems, network structure, protocols available, etc. -- Eric Hammond	[reply]
Re: A Network issue by Abigail-II (Bishop) on Aug 20, 2003 at 08:38 UTC
A totally different alternative is to not do your own logging. Use the syslog service for logging, and have the syslog service log everything on a single box. Abigail P.S. Please fix your sig. You aren't closing your italics element properly.	[reply]
Re: A Network issue by TomDLux (Vicar) on Aug 20, 2003 at 05:22 UTC
Investigate `scp`, part of the `ssh` package. The MS version is putty. -- `TTTATCGGTCGTTATATAGATGTTTGCA`	[reply]
Re: A Network issue by aquarium (Curate) on Aug 20, 2003 at 07:53 UTC
actually the most obvious choice (if the files aren't too big and smtp settings are ok on the dmz boxes) is email. Anyway, when posing your question, you should specify which ports are available, so we can help accordingly.	[reply]