Solved

windows 2003 secure ftp

Posted on 2004-12-12
10
13,495 Views
Last Modified: 2011-09-20
what would be the best route to take for ftp service on a windows 2003 server machine.  I am going to be having information uploaded for websites and want a secure approach to loging into the ftp and transfering data securely... what would be best?  Would the ftp program that came with windows 03 server be a wise choice?    If not, what other programs should i be looking at...
0
Comment
Question by:meatdog8
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 2

Expert Comment

by:Nick_Chvr
ID: 12806598
IIS 6.0.  It should be included with your copy of 2k3.  You'll have to add the component in add/remove programs.  Set the ftp up and allow no anonymous access, only username and pword.  You can even put it on a non-standard port besides the usually 21.  This will keep mass ftp scanners from hitting your site.
0
 
LVL 2

Accepted Solution

by:
java_programmer earned 50 total points
ID: 12809118
Hi,

I would not use FTP since the data is passed in the clear, changing ports or using different user names does not solve the issue of encryption etc...

SSH is the industry norm for secure data transfer unless you want to kick it up a notch with entrust or something.

I would install Cygwin on your server, with OpenSSH then copy files using sftp, basically it would tunnel the ftp traffic over an encryped pipe.

Cheers,
Derek
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 12809228
Java_programmer is correct, BUT, how secure do you actually want the site to be? Why I'm asking is because on windows 2003 you can configure the ftp site with the following "security" options:
restricted username/password access;
ftp access only allowed from specified IP addresses;
read/write/browse folder access restrictions(on both ftp service configuration as well as on the actual windows folder);
Secure access via a client certificate.

However if it is a requirement for more secure communications (non-clear text transfers) then yeah, I agree with java_programmer, get another FTP service for your communications to the windows 2003 server.
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 
LVL 1

Author Comment

by:meatdog8
ID: 12809691
Java,

       Is running Cygwin on my server secure... sorry i've never heard much about cygwin... I read most everything on their site and did not see anything about security... is cygwin safe to run on a server?  

       Any other program suggestions for a secure ftp server?
0
 
LVL 2

Expert Comment

by:java_programmer
ID: 12809780
Cygwin is a "unix" environment for Windows. It is as safe as the applications you install/turn on.. for example if you run an old apache under Cygwin, and apache has some vulnerability....

The latest build is SSH is safe and secure, so your server would remain safe and secure. Also a LOT of people use it... do a google on SSH CYGWIN ... I am using it here, my only complaint is the interaction of SSH and windows programs... so if you run cmd within a cygwin shell, you'll lock it... but as standard commands like ps, secure ftp, kill etc are all very reliable.

There are some win32 openssh ports, but they tend to have a lot of issues...  There are also commercial windows based ssh setups, but are a bit expensive .... (check out pragma http://www.pragmasys.com/ClientSuite/) $599 USD

Cheers,
Derek
0
 
LVL 1

Author Comment

by:meatdog8
ID: 12810032
java,
          thank you very much for your input.  sounds like cygwin is the answer to my question...
0
 
LVL 1

Author Comment

by:meatdog8
ID: 12859719
java

where do i create new users/passwords and how do i associate that username with a directory?  I'll open another question if you would like for points...
0
 
LVL 1

Author Comment

by:meatdog8
ID: 12860299
I started another quesion.. reguarding the last statement

http://www.experts-exchange.com/Applications/Q_21247468.html
0
 

Expert Comment

by:nealmcdonald
ID: 13982891
I am in the middle of implementing this thread. I have set up a Win 2k3 Enterprise box and from my research, I heard there's issues with Cygwin on this OS. I would consider using FreeBSD or some Linux OS. This machine will only be performing SFTP to many insecure clients. What is the best approach considering OS's and ease of use for clients?


Thanks... I just signed up today and love this site!


Neal
0
 
LVL 1

Author Comment

by:meatdog8
ID: 13990697
what issues have you heard of?  I would like to know... I usually have people download WinSCP to connect to cygwin...
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Make the most of your online learning experience.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question