Network filesharing Windows 7 to Mac secure-ish solution

I’m looking for a solution to share some data publicly on my home network, and some privately (just for me between devices).

I have a Windows 7 computer that serves as my media computer and general data storage device. It’s got a bunch of movies stuff on it, and also is a repository for all my files. I’ve got a Mac laptop that I use for most other things. I want to set up some kind of filesharing that accomplishes the following:

  1. Some directories are readable by all on my wifi network, writeable by only me. This is for movies and music and stuff. I can give visitors the wifi password, and they can watch movies or listen to music on their own devices.

  2. Some directories are readable and writeable only by me. Ideally, they’re encrypted and not even visible to anyone on the network who doesn’t know they’re there. This is for personal documents.

I tried to do that with Samba on Windows and was pretty much unsuccessful. Making something just readable seemed to work ok. Making it globally readable and I can write to it was problematic, and I couldn’t figure out any way of hiding the existence of the stuff in category 2. I also had weird Mac problems with user switching. If one user is connected to a share and you fast-switch users to another user, strange things happen with permissions. That’s no good since I sometimes share my laptop (there are other accounts), and I obviously only want the account I’m logged into to have access to personal stuff.

One thing I considered (but have not tried) for category 2 was a TrueCrypt volume shared over normal sharing. Anyone could see that it’s there, but it’s just a big binary blob to anyone without the key. Does anyone have experience mounting a TrueCrypt volume over samba between those OSes?

I’m willing to install 3rd party software for this.

Ever thought about a NAS? (Networked Attached Storage)?

I just installed a Synology DS-213 (probably overkill for what you need), but they also make a much less expensive model DS-212j. Or, you can even go with a single drive option for even less. Other NAS vendors can probably do what you need as well, but Synology’s interface is dead simple and works great.

Simple as:

  1. Creating users
  2. Creating a share (you can also choose to not have it display in network neighborhood)
  3. Clicking checkmarks on read, write, or no access

Hope it’s ok to share the link to the company site. Hope this helps!

I’ve never done it with a Mac (I hate Macs), but setting up a Samba Server instance on one of the machines (preferably your media server/file host… sayin…) should enable you to transfer via Server Message Block (SMB) / Common Internet File System (CIFS). If you’ve never done it before, it can be a little tricky, until you understand a little bit of how it works, but after the first go-through, it’s very straight forward.

I’ve used Samba many times to share data across both virtual and physical instances of Windows and *Nix platforms (mostly Gentoo, RedHat, or Fedora). It works very well. And it’s open source, so it’s free!

There are some security implications in using SMB (for example, MS-08-67, or “Conficker” exploited SMB). But, as always, keeping your machines properly patched is 85% of the battle.

Depending on your version of Windows 7, you might not be able to achieve the level of control you want. Non-server versions of Windows just don’t give you all of the options.

I have done Windows 2008 Server to Mac sharing using SMB successfully. I was able to hide the folders with no permissions and grant permission where needed, as you describe.

We did still have some issues with multiple users on the Macs, but the Windows login helps to fix some of those problems.

We had other problems with temporary Mac files never being marked as closed, which could prevent us from moving or renaming directories unless we shut down and restarted the server. There was no fix I could find for that. (And ironically, MS Word was one of the biggest offenders.)

I have considered NAS, but I’m hoping to do this for a smaller budget than the $500 or so even a basic NAS costs.

It’s Windows 7 Ultimate, so hopefully it can actually do everything available to Windows. But maybe there’s some marketing-speak going on here.

Giant Rat, I’m confused by the mention of Samba Server. My understanding is that samba is the reverse-engineered protocol for Windows File Sharing. That is, I don’t need any other software than Windows if I’m going to be sharing over samba from the Windows host. Samba Server is *nix software, right?

How much data? If it’s less than 2gb you can simply install the Dropbox client on all machines for free. It has a public and a private area.

I remote in to the built-in Windows remote desktop connection using the Mac version of RDC; or else use Timbuktu (since I own it) or (where routers & firewalls are between me and the PC) TeamViewer.

It’s probably less than that, but I don’t want private sensitive data going online. I use Dropbox for convenience, but it’s not secure; they have the encryption keys.

The more I think about it, the more I think securing the data with TrueCrypt and not worrying too much about securing the access is the way to go.