Is it secure? Owncloud in DMZ and refer to internal fileserver

Dave

10/18/23, 11:41 AM

Is this a secure setup?

Having an (linux based) Owncloud Server, with Let's-Encrypt SSL Certificate. This server provides shares to the clients, which are SMB connections to an internal File Server

The connection is as follows:

DNS Entry --> points to private, public IPv4 Address.
This address has an open port in the firewall, forwarding to the IP in DMZ. HTTPs and WWW are allowed
The SMB connection directs to an internal File server, which is in the internal network segment. only port 445 TCP is allowed
connections are HTTPs

Necessary maintenance:

update owncloud
update the linux server and file server
maintain the firewall

of course as well:

monitoring and backup
awarenes of users and admins (maybe most critical point)

0 + 2

dmz

owncloud

diya

10/18/23, 1:12 PM

Your maintenance plan is missing backups and monitoring. - And note that security depends as much, if not more on configuration, the behaviour of your admins & users than it does on infrastructure design. A valid TLS certificate *for example* does not mitigate keeping the default admin password unchanged.

Dave

10/20/23, 7:57 AM

You are right, of course! We are doing that, but I missed listing it... but the infrastructure design as such is safe?

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Is it secure? Owncloud in DMZ and refer to internal fileserver

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.