Solved

Questions for FTP in IIS 6.0

Posted on 2013-06-17
4
311 Views
Last Modified: 2013-06-17
I have created a FTP to point to a website so that a user can update the website through FTP. It works, but want to make sure if I set up properly.

Windows 2003 SP2
IIS 6.0
website: www.example.com

1. Default FTP was not there, so I created it pointing to c:\inetpub\ftproot with Read and Log visits checked. No user isolation selected. IP address 'Unassigned' selected.

2. Then I created a virtual directory 'example.com' pointing to the folder where the website www.example.com files are. I gave Read,Write, and Log visits permission on the virtual directory.

3. I created a FTP local user account and gave 'Modify' NT user rights to the website folder for the user.

This setting works, what else can I do to tighten security?
Also, is it possible to run  two FTP sites, one with user isolation with AD and the above FTP with 'Unassigned IP Address'? The webserver has single NAT IP address set up in router to public.
0
Comment
Question by:crcsupport
  • 2
  • 2
4 Comments
 
LVL 20

Accepted Solution

by:
edster9999 earned 500 total points
ID: 39254399
The first thing that springs out is FTP.  When you login with standard FTP you send the password in clear text.
That means anyone on route or on the same Wireless network as you can see your password floating by.
FTP is long dead.  Abandon it and look up SFTP
0
 
LVL 1

Author Comment

by:crcsupport
ID: 39254470
Any recommendation for FTPS with windows 2003?
0
 
LVL 1

Author Comment

by:crcsupport
ID: 39254483
Filezilla FTPS server seems good.
0
 
LVL 20

Expert Comment

by:edster9999
ID: 39254611
Yes Filezilla is pretty good and stable - I used it a few times.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Running classic asp applications under Windows Server 2008 R2 (x64) and IIS 7 is not as easy as one may think. It took me a while to figure it out while getting error 8002801d a few times. After you install the OS you will need to install the fol…
Learn about cloud computing and its benefits for small business owners.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now