Solved

Securing FTP server

Posted on 2006-11-18
2
241 Views
Last Modified: 2010-04-11
Hi

I have built an FTP server using the CoreFTP product and will be using the Core client to connect.

http://www.coreftp.com/

There is the option of using either SSL/TLS or SSH2 (SFTP). Is one more secure than the other?

We are using a Cisco PIX 506E firewall and would be giving the FTP server a NAT'd address, so that people outside the network can use it to, although this will be tied down by IP address, and files will be encrypted using AES when being uploaded/downloaded. I've heard many people complain that configuring the port range using SSL/TLS is a complete nightmare, whereas SFTP uses only 22.

An additional question is that the box I am running this server on is Windows 2003 at the moment, since I was planning on using MS's FTP server, however that seems too insecure. Am I ok to leave as it is, or should I rebuild the machine using XP, since Server functionality is not needed? Or would this not make a difference?

Many thanks in advance.
0
Comment
Question by:Dilan77
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 57

Accepted Solution

by:
giltjr earned 250 total points
ID: 17972444
SFTP can be simpler to setup, but you may have more issues locking down your sever.  SFTP is really not FTP, it is a "scripted SSH session" that copies a file.  If you setup SFTP on your server then users can SSH into it, because it is required.  

I have heard that there are ways to secure the sever so that only SFTP can be done, but I have not look at how to do this.
 

Because of a unique enviroment I am in FTPS (TSL/SSL FTP) was much easier and simpler for me to use.  Configuring a port range on a firewall for FTPS can become a pain, but it is something we (and our customers) have to live with due to our enviroment.

How many clients do you plan on using the box as a sever (FTP or otherwise)?  XP only allows a max of 10 unique IP addresses using it (the XP box) as a sever.  So if you have 11 sites that need to use your FTP sever, only 10 can connect at once.
0
 
LVL 2

Author Comment

by:Dilan77
ID: 17975975
Thanks mate...the FTP box will only be used scarcely for the time being, but may as well keep it as 2003 for future-proofing.

Cheers
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
Make the most of your online learning experience.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month4 days, 10 hours left to enroll

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question