I have sbs2003 with an ftp site. I have hardened ACL, have password authentication, configured lockout policy, etc...everything that can be done to block outside ftp users trying to crack password.
The only thing I have not done is deny access to everyone accept valid IP addresses. However, before I implement that I wanted to explore some reasons why I continue to see session even after an ip is blocked. Also, events continue to be logged in System and Security from that same ip address. Any thoughts?
Also, how can I implement FTP Site using VPN.