Ftp Security Help!!!!!!!!

[Rafael Tejera]

I have a W2k server running IIS. Basiclly using ftp server.

I have my volume in ntfs, several users and groups. I try to put more
security on it, but it doesn't work. I only put one user to access a folder,
but all of the users can get in.

Someone can tell me what is happening here?

Is any policy to configure, or something Do I have to do, that enable me to
encrease the security?

Please need help.


Thanks



Rafael Tejera

 

[Curtis Koenig [MSFT]]

Hi Rafael,
Unless you told IIS to use integrated authentication for FTP connections it
is probably using an anonymous connection. This allows access, changing
NTFS permissions has no effect on access via the FTP service as it has
access. How are the users accessing the share?
--
Curtis Koenig
Support Engineer
Product Support Services, Security Team
MCSE, MCSES, CISSP

This posting is provided "AS IS" with no warranties and confers no rights.
Please reply to the newsgroup so that others may benefit. Thanks!

--------------------

 

[Kevin D. Quitt]

You will find it much easier to have a secure and trivially configurable
FTP server if you try Serv-U <http://www.cat-soft.com/>. Allows adding
access for users without requiring a Windows user name and password. Very
flexible and easy to set up and administer.