Focus on Microsoft
FTP on IIS Jan 18 2008 06:57PM
lauren malhoit tylertech com (6 replies)
RE: FTP on IIS Jan 18 2008 10:20PM
Lucas, Mark J. (mjlucas caltech edu) (3 replies)
RE: FTP on IIS Jan 21 2008 08:48AM
Antti Laatikainen santen fi
RE: FTP on IIS Jan 21 2008 06:15AM
Ken Schaefer (Ken adOpenStatic com) (2 replies)
RE: FTP on IIS Jan 21 2008 06:39PM
Nick Wells (nick clandestineresearch com)
RE: FTP on IIS Jan 21 2008 06:25PM
Thor (Hammer of God) (thor hammerofgod com) (2 replies)
RE: FTP on IIS Jan 22 2008 09:13PM
Geekwench (geekwench hotmail com)
RE: FTP on IIS Jan 22 2008 08:01AM
Ken Schaefer (Ken adOpenStatic com) (1 replies)
RE: FTP on IIS Jan 22 2008 05:11PM
Thor (Hammer of God) (thor hammerofgod com) (1 replies)
RE: FTP on IIS Jan 23 2008 07:08AM
Ken Schaefer (Ken adOpenStatic com) (2 replies)
IIS 7 Application Pool isolation WAS RE: FTP on IIS Jan 31 2008 11:36AM
Ken Schaefer (Ken adOpenStatic com)
RE: FTP on IIS Jan 23 2008 06:18PM
Thor (Hammer of God) (thor hammerofgod com)
RE: FTP on IIS Jan 19 2008 03:34AM
Nick Wells (nick clandestineresearch com)
RE: FTP on IIS Jan 18 2008 10:10PM
Smith, Ryan (rsmith cff org)
RE: FTP on IIS Jan 18 2008 09:39PM
Nick Wells (nick clandestineresearch com)
Re: FTP on IIS Jan 18 2008 08:57PM
Alexander Gran (Alexander Gran web de)
Re: FTP on IIS Jan 18 2008 08:02PM
Andrea Gatta (andrea gatta gmail com) (1 replies)
Re: FTP on IIS Jan 18 2008 08:46PM
Kosala Atapattu (kosala atapattu gmail com) (1 replies)
You can separate the OS users from ftp users by using a SQL backend to
authenticate. I have done this once but not sure if it works with
chroot jails.

Kosala

On Jan 18, 2008 11:02 PM, Andrea Gatta <andrea.gatta (at) gmail (dot) com [email concealed]> wrote:
> Hi Lauren,
> not sure if it's possible using IIS but I would say that the best way
> to lock down an FTP server might be starting to use a chroot
> configuration. On some OS like Freebsd you can even go for a jailed
> configuration which is even more strict than a simple plain chroot.
> The main goal is, instead of allowing total access to the system,
> limit access to a given and fixed part of the file system. That is,
> once the user has logged into the system he/her will "see" only
> his/her resources and nothing else. For example the command "cd /"
> will only take the user to his/her "root" i.e. /home/user.
>
> As I said, I'm not sure that this configuration is possible using IIS
> but you may want to use proftpd which supports the chroot
> configuration
>
> Cheers,
> Andrea.
>
>
>
> On 18 Jan 2008 18:57:57 -0000, <lauren.malhoit (at) tylertech (dot) com [email concealed]> wrote:
> > I'm preparing to build a new FTP server using IIS (or an IIS server using FTP??? I'm not sure). Anyway, I was wondering if anyone could recommend some good sources on how to lock it down. I need to configure it for an FTP site that anyone can get to and one that is password protected. Thanks in advance!
> >
>

--
Kosala
--------------------------------------------
Disclaimer: Views expressed in this mail are my personal views and
they would not reflect views of the employer.
--------------------------------------------
blog.kosala.net
www.linux.lk/~kosala/
www.kosala.net

[ reply ]
Re: FTP on IIS Jan 19 2008 04:39PM
pinowudi (pinowudi gmail com)
Re: FTP on IIS Jan 18 2008 07:44PM
Ali, Saqib (docbook xml gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus