Most Secure FTP

Posted on 2005-04-26
Last Modified: 2013-12-04
I recently have come into a need for an FTP/File Server.  I have clients who need to upload and download multiple files at a time.  They have a machine running 2003 advanced server.  I was wondering if some of you windows security gurus can give me an idea of what would be the safest FTP/file sharing solution to make this happen.  I dont need anything encrypted because most of the files are just large images of architecture.  But we would love to keep all unwanted people off of our server and bandwidth.  

BTW, People will be connecting to this box from around the world not just inside a local lan.

Question by:savone
    LVL 38

    Accepted Solution

    You should password protect the site. One of the most secure FTP programs for windows is BulletProofFTP
    But there are many you can use, as long as you keep up2date with upgrades and patches, you should have few vulnerabilities.

    A firewall is also necessary in most cases to block any unnecessary ports that do not need to be seen by others, and one of the best ways to secure any program would be to only allow access from certain ip address's that way no one that is not approved can even see you have an FTp server. This is not always possible if you have users that use dial-up or cable/dsl as the ip can change from time to time. A vpn solution is probably best all around, you can block all ports but the vpn listening port, and once the users are logged in via the vpn they can access the ftp server or file server.

    And in keeping with best practices, you should probably have AV instaled on the box, and keep up2date with all patches and updates for the OS as well, even in the VPN situation for good measure.
    LVL 8

    Expert Comment


    2003 advanced server includes a FTP server.
    once enabled you can define user names and passwords from the server. if they already have an account on the server, then you would just grant that user access and he/she can login with their existing username/password (otherwise you can create a special account for them, just as easy)
    LVL 8

    Expert Comment

    use SFTP (Secure FTP).... this uses SSL encryption much like a web site does and is more secure than just regular FTP... might need to check to make sure you have a client that will connect to it, but it is the best route to go...
    LVL 8

    Expert Comment

    one other think to keep in mind is that when you set up an FTP server, prepare yourself for an onslaught of attempts from those who shouldnt have access... secure with passwords... mask and use a different port outside of the default ports... make sure logging is turned on and DO NOT RUN A FTP SERVER WITHOUT A FIREWALL IN FRONT OF IT! I cant stress this enough :)

    I had my FTP server turned on for a few hours and ended up having hits in the logs from all over the world for the next month....

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    As a Mac user and former AppleCare AHA & Senior Advisor, I'm constantly bombarded with questions about Macs and if they need Antivirus. This short article is my response to those questions.
    Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now