You can separate the OS users from ftp users by using a SQL backend to authenticate. I have done this once but not sure if it works with chroot jails.
Kosala On Jan 18, 2008 11:02 PM, Andrea Gatta <[EMAIL PROTECTED]> wrote: > Hi Lauren, > not sure if it's possible using IIS but I would say that the best way > to lock down an FTP server might be starting to use a chroot > configuration. On some OS like Freebsd you can even go for a jailed > configuration which is even more strict than a simple plain chroot. > The main goal is, instead of allowing total access to the system, > limit access to a given and fixed part of the file system. That is, > once the user has logged into the system he/her will "see" only > his/her resources and nothing else. For example the command "cd /" > will only take the user to his/her "root" i.e. /home/user. > > As I said, I'm not sure that this configuration is possible using IIS > but you may want to use proftpd which supports the chroot > configuration > > Cheers, > Andrea. > > > > On 18 Jan 2008 18:57:57 -0000, <[EMAIL PROTECTED]> wrote: > > I'm preparing to build a new FTP server using IIS (or an IIS server using > > FTP??? I'm not sure). Anyway, I was wondering if anyone could recommend > > some good sources on how to lock it down. I need to configure it for an > > FTP site that anyone can get to and one that is password protected. Thanks > > in advance! > > > -- Kosala -------------------------------------------- Disclaimer: Views expressed in this mail are my personal views and they would not reflect views of the employer. -------------------------------------------- blog.kosala.net www.linux.lk/~kosala/ www.kosala.net
