RE: FTP tagging

From: Tommaso Di Donato (
Date: 05/09/02

Date: Thu, 09 May 2002 17:17:09 +0200
From: Tommaso Di Donato <>

Hi! Firts of all, I think it would be better to change "user" with
"authenticated users", because i read somewhere (I can't remember where,
but I'm quite sure) that anonymous access (to file system and object
enumeration...I don't know if it applies also to FTP) can be disables
changing "Users" with "authenticated users". So, I would try this....
Second... I know the ftp server that comes with IIS is free (well, not
free, but you already payed fot it...), but I think you should consider to
try Bulletproof Ftp (for example...). It is much more secure and
configurable than the one provided by MS...
Hope it helps.

At 23.20 08/05/2002, you wrote:
>Thank you all for the responses.
>Here are some more info:
>IUSR_name is only a member of the Guests group, not the Users.
>But "Authenticated Users" is a member of Users group. Maybe IUSR_name is
>"indirectly" a member of the Users Group because of this. I'll try to
>confirm this.
>Probably a better way to go is remove "Users" from the ACLs and create a
>new "FTP Users" group with proper access.
>Someone warned me about FTP using Basic Authentication. I'm taking this in
>account: none of the users logging to the FTP are admins. But I think this
>is always a thig to remember.
>Thanks again to everybody.
>-----Original Message-----
>From: Garcia Turegano, Victor
>Sent: Tuesday, May 07, 2002 17:39
>Subject: FTP tagging
>Recently I've encountered this problem. I thought that I have covered all
>the weak spots. Obviously not! Can someone give me pointers or tell me why
>is this happenning?
>I have a Windows 2000 Pro Box with FTP Service installed and all patches
>listed by HFNetChk. I use ADSL to connect it to the Internet.
>This FTP has Anonymous access enabled as well as authenticated. It has
>Read and Write permissions enabled in the IIS Console Propoerties page.
>I decided to control Read & Write access via NTFS and these are the
>permissions I have in the FTPROOT folder.
>Administrators = Full Control
>System = Full Control
>Users = Modify
>IUSR_name = Read
>The thing is that people logging anonymously are being able to create
>directories and files and to delete them.
>Here's a part of the FTP log that shows it:
>#Software: Microsoft Internet Information Services 5.0
>#Version: 1.0
>#Date: 2002-05-03 14:13:03
>#Fields: date time c-ip cs-username s-sitename s-computername s-ip s-port
>cs-method cs-uri-stem cs-uri-query sc-status sc-win32-status sc-bytes
>cs-bytes time-taken cs-version cs-host cs(User-Agent) cs(Cookie) cs(Referer)
>2002-05-03 14:13:03 anonymous MSFTPSVC1 CLAIRE
> 21 [15]USER anonymous - 331 0 0 0 0 FTP - - - -
>2002-05-03 14:13:03 MSFTPSVC1 CL
> 21 [15]PASS - 230 0 0 0 180 FTP - - - -
>2002-05-03 14:13:05 MSFTPSVC1 CL
> 21 [15]MKD 020503161000p - 257 0 0 0 0 FTP - - - -
>2002-05-03 14:13:05 MSFTPSVC1 CL
> 21 [15]RMD 020503161000p - 250 0 0 0 0 FTP - - - -
>2002-05-03 14:13:07 MSFTPSVC1 CL
> 21 [15]closed - - 426 170 0 0 420 FTP - - - -
>Does someone has a nice FTP response translator?
>V i c t o r S G a r c i a T u r e g a n o

Relevant Pages

  • Re: [opensuse] RE: Help with establishing an FTP Server
    ... the GUI in YAST. ... Umask for Authenticated Users: ... FTP Directory for Authenticated Users: ... What is the difference between passive mode and an anonymous user ...
  • Re: FTP tagging
    ... I know the ftp server that comes with IIS is free (well, ... or a domain local group in a Windows 2000 ... "Authenticated Users" is a global group that includes any security ... since "Everyone" includes anonymous access. ...
  • [opensuse] RE: Help with establishing an FTP Server
    ... Could someone help walk me through the creation of an FTP Server using the GUI in YAST ... >The value that the umask for file creation is set to for anonymous users. ... >The value that the umask for file creation is set to for authenticated users. ...
  • Re: Hasnt Thurrott learned anything?
    ... MS Office look like real software. ... FTP'ing is a high level of control, but its also a high level of touch ... just try using FTP to synchronize 1GB worth of data ...
  • Re: FTP Tagging anyone?
    ... Disable anonymous access for FTP. ... > Neo1907's PuB-tAgGeR ... > DVDrip by romantiker2k ...