How to secure a Windows 2000 FTP site.

Posted on 2006-04-19
Last Modified: 2013-12-04
I took an old PC and installed Win2K on it, then IIS and setup an FTP site. I would like to know about securing it. The stuff that will be in the FTP folder is not really that important to me, but I would just like to know I have set it up properly. I turned off anonymous login and gave the user a password protected account, set NTFS permisions on the folder specifically for the FTP user I setup and no one else, I gave the user read and write permissions. I set up logging. I then installed Sygate personal firewall and set up and tested it, it only showed ports 21 and 80 as being open and available all, others were in stealth mode. Does this sound like it is safe enough for what I am trying to do? Iss there anything I have overloooked or need to think about?
Question by:kevotron
    LVL 12

    Expert Comment

    You might want to consider the fact that FTP authentication is plain-text and unencrypted.
    It is best if the FTP user has no other rights on the server or domain (create a dummy group, add the FTP users to it and, if you're in a domain, make it the primary group, then remove it from the Users group or Domain users)

    The rest sounds fine to me!
    LVL 2

    Accepted Solution

    create local user account on the ftp server.

    create user folder matching user name under ftproot

    right click the new folder, under "security" add the new local ftp user account and give it modify permission. remove the everyone group.

    it would be a good idea to have complex passwords that change often.

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Join & Write a Comment

    Article by: btan
    The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
    As a Mac user and former AppleCare AHA & Senior Advisor, I'm constantly bombarded with questions about Macs and if they need Antivirus. This short article is my response to those questions.
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now