Secure file copying with WinSCP


Scott Sidel
01.16.2008


WinSCP is an open source SFTP and FTP client for Windows, used to copy files safely between local and remote computers. Windows has built-in support for FTP: a command-line client is available at the command prompt, and Internet Explorer provides a basic graphical front end. Both Windows-native methods lack security, because FTP performs both authentication and the file transfer itself in the clear.

WinSCP is easy to use, providing two optional interfaces: one that looks similar to the old Norton Commander file manager and the other similar to Windows Explorer. It supports securely dragging and dropping files for transfer across a network and can be integrated directly into the Windows shell. It supports directory synchronization: it compares directories, highlights files that differ, and then transfers new and updated files. It also supports automation scripting and command-line option flags.

From a security standpoint, WinSCP delivers the goods. It supports file transfers over encrypted tunnels using DES, 3DES, Blowfish and AES. It can use SSH v1 and v2, or can be set to accept connections only from hosts/clients employing the stronger v2.

WinSCP supports multiple secure authentication mechanisms, including "keyboard-interactive" two-factor authentication. With keyboard-interactive authentication, the server can prompt for special credentials such as an S/Key one-time password or RSA SecurID generated value. These "disposable" credentials are preferable when using a public computer. WinSCP also supports cryptographic certificates using public and private keys. To avoid having your private key stolen and used to authenticate sessions on your behalf, WinSCP supports requiring that a passphrase be entered when authenticating your key. WinSCP also supports storing standard single-factor passwords with saved sessions, a convenience that is not recommended and that a system administrator can restrict or disallow.
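The cautions above (saved passwords, cleartext FTP, SSH v1) can be checked across saved sessions with a short audit script. This is an added example, not code from the article or from the WinSCP project; it assumes the configuration is available as an INI file with `[Sessions\name]` sections and that the keys `Password`, `FSProtocol`, `Ftps` and `SshProt` carry the value meanings noted in the comments, which should be confirmed against the installed WinSCP version. The sample data is constructed.

```python
import configparser

# Constructed sample in the layout of an exported WinSCP INI file; not real session data.
SAMPLE_INI = r"""
[Sessions\build-server]
HostName=build.example.test
FSProtocol=2
SshProt=3

[Sessions\legacy-ftp]
HostName=ftp.example.test
FSProtocol=5
Password=PLACEHOLDER-OBFUSCATED-VALUE

[Sessions\old-unix]
HostName=unix.example.test
FSProtocol=0
SshProt=1
"""

# Assumed value meanings (verify against your WinSCP version's documentation).
FSPROTOCOL_FTP = "5"   # plain FTP file protocol
FTPS_NONE = "0"        # no TLS/SSL wrapping on an FTP session
SSHPROT_V2_ONLY = "3"  # accept SSH-2 only


def audit_sessions(ini_text):
    """Return {session name: [findings]} for saved sessions with weak settings."""
    parser = configparser.ConfigParser(interpolation=None, delimiters=("=",), strict=False)
    parser.optionxform = str  # preserve key case as written in the file
    parser.read_string(ini_text)
    findings = {}
    for section in parser.sections():
        if not section.startswith("Sessions\\"):
            continue
        session = parser[section]
        issues = []
        if session.get("Password"):
            issues.append("stored-password")
        if session.get("FSProtocol") == FSPROTOCOL_FTP:
            if session.get("Ftps", FTPS_NONE) == FTPS_NONE:
                issues.append("cleartext-ftp")
        elif session.get("SshProt", SSHPROT_V2_ONLY) != SSHPROT_V2_ONLY:
            # Only an explicit SshProt is judged; an absent key means the version default.
            issues.append("ssh1-allowed")
        if issues:
            findings[section.split("\\", 1)[1]] = issues
    return findings


if __name__ == "__main__":
    for name, issues in audit_sessions(SAMPLE_INI).items():
        print(f"{name}: {', '.join(issues)}")
```
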

In addition to strong security, WinSCP provides another thing that some free tools may not: an excellent Web site with well-written documentation. There are lots of screen shots and pages of helpful explanations and how-to's.

WinSCP has won many awards, is well supported and has a very active community, making it an easy tool to recommend.

About the author:
Scott Sidel is an ISSO with Lockheed Martin.
