Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Securing FTP Site using VPN

Posted on 2006-07-12
6
Medium Priority
?
296 Views
Last Modified: 2010-04-11
Hi,

I have sbs2003 with an ftp site. I have hardened ACL, have password authentication, configured lockout policy, etc...everything that can be done to block outside ftp users trying to crack password.

The only thing I have not done is deny access to everyone accept valid IP addresses. However, before I implement that I wanted to explore some reasons why I continue to see session even after an ip is blocked. Also, events continue to be logged in System and Security from that same ip address. Any thoughts?

Also, how can I implement FTP Site using VPN.

Thanks,
Mr. B
0
Comment
Question by:birenshukla
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 32

Expert Comment

by:r-k
ID: 17097521
"However, before I implement that I wanted to explore some reasons why I continue to see session even after an ip is blocked. Also, events continue to be logged in System and Security from that same ip address."

How did you lock out that IP?

The way to do it is via IIS Manager -> Right-click on FTP site -> Properties -> Directory Security, and add that IP address so it is blocked, etc.

0
 

Author Comment

by:birenshukla
ID: 17099341
that is exactly how i blocked the ip. I have other ipc blocked as well and they do not show.
0
 
LVL 4

Accepted Solution

by:
kruptos earned 2000 total points
ID: 17158645
It may be possible that someone may be spoofing IP. It may look like it is coming from the blocked IP but you can mask the IP with a fake one. This will allow the spoofed IP to be logged but the real one to get through. Not sure if that is the case here though.

What is the FTP site being used for? Internal employees? Customers? That will help us determin the best way to deploy a VPN solution.

-Kruptos
0
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

 

Author Comment

by:birenshukla
ID: 17158724
FTP site is strictly for selected customers. I have explored options to deny to everyone except the public IP addresses but that is alwasys hard to get from customers and would need continuous maintenance. Therefore the VPN option. I would say at the most 5 customers connect from time to time.
0
 
LVL 4

Expert Comment

by:kruptos
ID: 17158761
You could set up a VPN that will only allow access directly to the server that is acting as FTP. It really depends on what type of firewall you have and it capabilities.

Depending on how secure you want to get will determin the architecture. Personally I woud never run FTP and IIS on SBS if that is your only server. Do you have other servers as well or just the SBS server?

If youc an let me know what type of firewall you have running I may be able to give you some ideas on how to set up the VPN for FTP access.

-Kruptos
0
 

Author Comment

by:birenshukla
ID: 17292213
Thanks. Will try that. I have been continuoing to deny bad guys but that is about it. I am going to get a industry grade firewall.
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question