Consider running an sftp server. (FTP over SSH).

Much more secure.

Aaron Zirbes
System Administrator
EOH Health Studies
University of Minnesota
ajzcccs.umn.edu

----- Original Message -----
From: "Frédéric Médery" <fmederysympatico.ca>
To: <focus-mssecurityfocus.com>
Sent: Thursday, October 04, 2001 6:25 PM
Subject: Ftp server a bit more secure ?

: Hello everybody,
:
: I have to set a FTP server on a DC ! I know it's stupid but I'm not the
: one who decided :-) And I have to disable anonymous access !
:
: What I did :
: Fully patched the Server
: Installed IIS on a different partition.
: Created a group called Web Designer
: Created user who's not member of domain user group (just of web designer
: group). To remove the domain user group, I set the Web designer group as
: the primary group.
: The IIS partition is only available for web designer and the iis admin
: group.
: Of course the users have log on locally.
: I create one ftp root folder and some virtual directory that are not
: childs of the ftp root. So users are unable to see other folder even if
: they try to go to the root of the ftp site.
:
: Can this be a more "secure" or less dangerous ftp server ? Is it good to
: remove the ftp users from the domain user group ?
: If you have some advice :-)
:
: Thank you,
: This ML is one of the best
:
: Have a nice day
:
: Fred
:

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]