|
Posted by Bernard Cheah [MVP] on October 12, 2007, 2:41 am
Please log in for more thread options Oh Well, that's the design which relies on windows accounts. I think the
concern should be more on how to 'secure' as well as renaming + NTFS
restriction etc when implementing IIS FTP. the new IIS 7 FTP component
supports none windows user and even able to hook up to asp.net membership
provider, etc.
bottom line is not the product, but rather how you deploy and configure it.
--
Regards,
Bernard Cheah
http://www.iis.net/
http://msmvps.com/blogs/bernard/
> qbernard@hotmail.com.discuss says...
>> > Are you using MS FTP? If so, switch to FileZilla FTP server.
>>
>> I'm just curious about this... how would this helps? and MS FTP is
>> vulnerable ?
>
> MS FTP, if you're not using Anonymous access, and you should not be,
> uses Windows accounts for authentication - bad move on a exposed server.
>
> If you use FileZilla Server you don't have to create ANY windows
> accounts for it and can create user/group accounts, IP limits, bandwidth
> limits, read/write settings, etc....
>
> I've used FileZilla Server on every exposed MS server that offers FTP
> and found that we have no problems like we use to have with MS FTP.
>
> Oh, and we don't do Front Page or Front Page Extensions.
>
> --
>
> Leythos
> - Igitur qui desiderat pacem, praeparet bellum.
> - Calling an illegal alien an "undocumented worker" is like calling a
> drug dealer an "unlicensed pharmacist"
> spam999free@rrohio.com (remove 999 for proper email address)
| 
XML Sitemap