Securing FTP

I am setting up FTP to allow only a few users to connect.  I am aware of the clear text password issue, so I created a group called 'FTP'.  I then created a user 'FTPUser', and changed the group membership from the 'Users' group to the 'FTP' group.  I am isolating the group/user combination to the FTP directory via NTFS permissions that I propigated throughout the FTP folder structure.  I figure if someone captures the password, they can only access this directory structure and nothing else.  Does this sound like a good plan?  Is there anything else I can do further to secure this?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Hi bleujaegel,
This sounds like you are following the guidelines set out by microsoft article which is reference throughout EE.

if you are aware of the IP addresses of where your using are coming from you could set the directory access to a default of deny unless ip = the addresses you allow.

This means someone whould have to capture the pass as well as spoof the source address they are comign from.

I think that is about as secure as you can get it


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Instead of using FTP, you might be able to use SCP or SFTP, which is secure.

Open Source SSH Server (SCP and SFTP uses SSH as its transport) for Windows:
Open Source SCP & SFTP client for Windows:

An article on SSH / SCP / SFTP for Windows:
An article on setting up a SFTP Server on Windows:
bleujaegelAuthor Commented:
Good point to deny by IP.

I will check out the secure FTP apps.  

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.