Questions for FTP in IIS 6.0

I have created a FTP to point to a website so that a user can update the website through FTP. It works, but want to make sure if I set up properly.

Windows 2003 SP2
IIS 6.0
website: www.example.com 

1. Default FTP was not there, so I created it pointing to c:\inetpub\ftproot with Read and Log visits checked. No user isolation selected. IP address 'Unassigned' selected.

2. Then I created a virtual directory 'example.com' pointing to the folder where the website www.example.com files are. I gave Read,Write, and Log visits permission on the virtual directory.

3. I created a FTP local user account and gave 'Modify' NT user rights to the website folder for the user.

This setting works, what else can I do to tighten security?
Also, is it possible to run  two FTP sites, one with user isolation with AD and the above FTP with 'Unassigned IP Address'? The webserver has single NAT IP address set up in router to public.
LVL 1
crcsupportAsked:
Who is Participating?
 
edster9999Connect With a Mentor Commented:
The first thing that springs out is FTP.  When you login with standard FTP you send the password in clear text.
That means anyone on route or on the same Wireless network as you can see your password floating by.
FTP is long dead.  Abandon it and look up SFTP
0
 
crcsupportAuthor Commented:
Any recommendation for FTPS with windows 2003?
0
 
crcsupportAuthor Commented:
Filezilla FTPS server seems good.
0
 
edster9999Commented:
Yes Filezilla is pretty good and stable - I used it a few times.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.