Hi Lauren, The very nature of FTP is insecure because the passwords used for authentication are sent in the clear. Your best bet would be to use some type of third-party FTP server/daemon that allows you to use FTP over SSL. Currently IIS (v5.0 and 6.0) does not support this natively. If you are stuck with IIS, then you could only allow FTP access via a VPN. From there you can lock the site directories down using NTFS permissions All in all there isn't a whole lot IIS can do natively to "secure" an FTP site.
Just my $.02 Ryan -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Friday, January 18, 2008 1:58 PM To: [email protected] Subject: FTP on IIS I'm preparing to build a new FTP server using IIS (or an IIS server using FTP??? I'm not sure). Anyway, I was wondering if anyone could recommend some good sources on how to lock it down. I need to configure it for an FTP site that anyone can get to and one that is password protected. Thanks in advance!
