Thanks Ari, If we are talking Hi-Res Publication materials Flickr probably isn't an option though I don't know what file size limitations there are on it.
This issue isn't so much security as it is delegation of ftp user account management. What I'd like is for each area to be able to manage their own group of users and passwords. Eg. Our Archives sells photos on the website. I'd like for them to be able to create and maintain some accounts such as photoorder1, photoorder2, photoorder3 etc. These would be handed out to the purchaser with an appropriate generated password. This would remain active for say 48 hrs so they could collect their image. I'd then like that account to be reset and a new password issued and the directory purged. Since this box isn't in our Active Directory as it lives in our DMZ this would need to be done with local accounts which isn't as elegant. I'd also rather the various departments not remote into a desktop of the server to do this. What I am interested in is whether anyone has faced similar issues and what they came up with. Was it abandoning FTP and creating a php portal or using 3rd party apps or going to a hosted solution. Thanks and Merry Christmas, Chris -----Original Message----- From: mcn-l-bounces at mcn.edu [mailto:[email protected]] On Behalf Of Ari Davidow Sent: December-19-08 4:24 PM To: Museum Computer Network Listserv Subject: Re: [MCN-L] FTP Server for image retrieval? You raise some interesting issues. For starters, of course, no application for which security matters should be using FTP--it is fundamentally insecure because logins and passwords are exchanged in clear text. So, you might use SFTP or FTP over SSH if you really wanted to go down that path. By the same token, fewer people every year understand FTP or its more secure brethren. They aren't protocols in common use compared to HTTP or HTTPS, and a shocking number of people don't have FTP clients on their computers. It might be worth considering things differently. What if, for instance, images were uploaded to Flickr, with those that could only be downloaded by appropriate password-enabled folks doing so by being made part of a given flickr group? I'm not sure how well this would work--we now use flickr for all press image distribution, for instance, but don't use controlled access for anything but internal use. In a pinch, using IIS to mediate access locally, however you wish to do so, with permission to download similarly controlled by password access might make more sense. IIS in conjunction with Sharepoint might be all you need. Apologies for answering a question not quite what you asked, ari On Fri, Dec 19, 2008 at 2:38 PM, Chris Heazell <cheazell at glenbow.org> wrote: > Hello fellow MCNers and Season's Greetings, > > I am wrestling with something that many of you may well already have figured > out. We host our own ftp server and currently we have setup a number of ftp > accounts which various departments utilize to make images available for > publications etc. What we want to do is deliver images that the public order > on our website and make them available for them to download from our ftp > server. Now this in and of itself isn't difficult but we want the department > selling the image to manage the user name and password administration and > this is where I'm scratching my head. Our server is a windows 2003 box using > iis and the ftp service and it is sitting in our DMZ and therefore not part > of our Active Directory. What I really want is some form of portal that a > "super user" could log into to admin say a half dozen user ids and generate > passwords. This they could do on either a daily/weekly basis or on demand. > What I don't want is for them to have to Remote into the server or be an > admin of th e > server to assign passwords. I'd rather a front end portal or similar that > they could use. > > If any of you have suggestions or ideas about how you and your organization > deliver images to your public I'm all ears. > > Thanks, > > Chris > > > Chris Heazell, MCSE, CNA > Network Administrator > Glenbow Museum > p 403 268 4241 > f 403 265 9765 > > http://www.glenbow.org<http://www.glenbow.org/> > > > _______________________________________________ > You are currently subscribed to mcn-l, the listserv of the Museum Computer > Network (http://www.mcn.edu) > > To post to this list, send messages to: mcn-l at mcn.edu > > To unsubscribe or change mcn-l delivery options visit: > http://toronto.mediatrope.com/mailman/listinfo/mcn-l > > The MCN-L archives can be found at: > http://toronto.mediatrope.com/pipermail/mcn-l/ > _______________________________________________ You are currently subscribed to mcn-l, the listserv of the Museum Computer Network (http://www.mcn.edu) To post to this list, send messages to: mcn-l at mcn.edu To unsubscribe or change mcn-l delivery options visit: http://toronto.mediatrope.com/mailman/listinfo/mcn-l The MCN-L archives can be found at: http://toronto.mediatrope.com/pipermail/mcn-l/
