Focus on Microsoft
FTP on IIS Jan 18 2008 06:57PM
lauren malhoit tylertech com (6 replies)
RE: FTP on IIS Jan 18 2008 10:20PM
Lucas, Mark J. (mjlucas caltech edu) (3 replies)
RE: FTP on IIS Jan 21 2008 08:48AM
Antti Laatikainen santen fi
RE: FTP on IIS Jan 21 2008 06:15AM
Ken Schaefer (Ken adOpenStatic com) (2 replies)
RE: FTP on IIS Jan 21 2008 06:39PM
Nick Wells (nick clandestineresearch com)
RE: FTP on IIS Jan 21 2008 06:25PM
Thor (Hammer of God) (thor hammerofgod com) (2 replies)
RE: FTP on IIS Jan 22 2008 09:13PM
Geekwench (geekwench hotmail com)
RE: FTP on IIS Jan 22 2008 08:01AM
Ken Schaefer (Ken adOpenStatic com) (1 replies)
RE: FTP on IIS Jan 22 2008 05:11PM
Thor (Hammer of God) (thor hammerofgod com) (1 replies)
RE: FTP on IIS Jan 23 2008 07:08AM
Ken Schaefer (Ken adOpenStatic com) (2 replies)
IIS 7 Application Pool isolation WAS RE: FTP on IIS Jan 31 2008 11:36AM
Ken Schaefer (Ken adOpenStatic com)
RE: FTP on IIS Jan 23 2008 06:18PM
Thor (Hammer of God) (thor hammerofgod com)
RE: FTP on IIS Jan 19 2008 03:34AM
Nick Wells (nick clandestineresearch com)
RE: FTP on IIS Jan 18 2008 10:10PM
Smith, Ryan (rsmith cff org)
RE: FTP on IIS Jan 18 2008 09:39PM
Nick Wells (nick clandestineresearch com)
Re: FTP on IIS Jan 18 2008 08:57PM
Alexander Gran (Alexander Gran web de)
Re: FTP on IIS Jan 18 2008 08:02PM
Andrea Gatta (andrea gatta gmail com) (1 replies)
Hi Lauren,
not sure if it's possible using IIS but I would say that the best way
to lock down an FTP server might be starting to use a chroot
configuration. On some OS like Freebsd you can even go for a jailed
configuration which is even more strict than a simple plain chroot.
The main goal is, instead of allowing total access to the system,
limit access to a given and fixed part of the file system. That is,
once the user has logged into the system he/her will "see" only
his/her resources and nothing else. For example the command "cd /"
will only take the user to his/her "root" i.e. /home/user.

As I said, I'm not sure that this configuration is possible using IIS
but you may want to use proftpd which supports the chroot
configuration

Cheers,
Andrea.

On 18 Jan 2008 18:57:57 -0000, <lauren.malhoit (at) tylertech (dot) com [email concealed]> wrote:
> I'm preparing to build a new FTP server using IIS (or an IIS server using FTP??? I'm not sure). Anyway, I was wondering if anyone could recommend some good sources on how to lock it down. I need to configure it for an FTP site that anyone can get to and one that is password protected. Thanks in advance!
>

[ reply ]
Re: FTP on IIS Jan 18 2008 08:46PM
Kosala Atapattu (kosala atapattu gmail com) (1 replies)
Re: FTP on IIS Jan 19 2008 04:39PM
pinowudi (pinowudi gmail com)
Re: FTP on IIS Jan 18 2008 07:44PM
Ali, Saqib (docbook xml gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus