<div>
You might want to consider the fact that FTP authentication is plain-text and unencrypted.<br />
It is best if the FTP user has no other rights on the server or domain (create a dummy group, add the FTP users to it and, if you're in a domain, make it the primary group, then remove it from the Users group or Domain users)<br />
<br />
The rest sounds fine to me!
</div>


You might want to consider the fact that FTP authentication is plain-text and unencrypted.
It is best if the FTP user has no other rights on the server or domain (create a dummy group, add the FTP users to it and, if you're in a domain, make it the primary group, then remove it from the Users group or Domain users)

The rest sounds fine to me!

<div>
<div class="content wysiwyg-content">
I took an old PC and installed Win2K on it, then IIS and setup an FTP site. I would like to know about securing it. The stuff that will be in the FTP folder is not really that important to me, but I would just like to know I have set it up properly. I turned off anonymous login and gave the user a password protected account, set NTFS permisions on the folder specifically for the FTP user I setup and no one else, I gave the user read and write permissions. I set up logging. I then installed Sygate personal firewall and set up and tested it, it only showed ports 21 and 80 as being open and available all, others were in stealth mode. Does this sound like it is safe enough for what I am trying to do? Iss there anything I have overloooked or need to think about?
</div>
</div>


I took an old PC and installed Win2K on it, then IIS and setup an FTP site. I would like to know about securing it. The stuff that will be in the FTP folder is not really that important to me, but I would just like to know I have set it up properly. I turned off anonymous login and gave the user a password protected account, set NTFS permisions on the folder specifically for the FTP user I setup and no one else, I gave the user read and write permissions. I set up logging. I then installed Sygate personal firewall and set up and tested it, it only showed ports 21 and 80 as being open and available all, others were in stealth mode. Does this sound like it is safe enough for what I am trying to do? Iss there anything I have overloooked or need to think about?

How to secure a Windows 2000 FTP site.

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.