Re: FTP directory security setup.

I'm seeing it now.
I need to stop the service not the ftp site, before the changes took effect.

now i'm gettig "Connection reset by peer" when downloading the large files.

"Bernard Cheah [MVP]" wrote:

Yes, just denied all then allow your ip only.
I think it logged the connecting IP as well, even they are blocked.
you seeing 530 error right ?

--
Regards,
Bernard Cheah
http://www.iis.net/
http://msmvps.com/blogs/bernard/


"tdr" <tdr@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:9B470567-D58B-49D7-97C7-FFA495D4B0BF@xxxxxxxxxxxxxxxx
i'll try only the ip.
does the "deny all" restrict local ip such as 192.168.1.x? ,
if so I can test with that ip address, dlocking it and allowing it.
otherwise I need to find someone outside my network.

but to answer the questions.

yes, I do see other ip address' trying to connect.
the log shows several attempts to enter a user name and password from ip
address' in NY, TX, poland, etc...

"Bernard Cheah [MVP]" wrote:

NT4 :) Denied all but... should block all except those you entered.
It's been a while I look at NT4. can you just test it with ip address,
forget about the domain name restriction first.

can you connect with that IP ? do you see other IP connecting?

the restriction took place when user connect before auth. you are seeing
otherwise ?

--
Regards,
Bernard Cheah
http://www.iis.net/
http://msmvps.com/blogs/bernard/


"tdr" <tdr@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5EAEE768-9C15-40E9-8B6D-D3BBB91FFB21@xxxxxxxxxxxxxxxx
I'm trying to stop hackers from trying to accessing my ftp server.

I've tried to use the 'directory serurity' tab and "denied all" but the
few
users I want to access my ftp site.
I've select "denied all but" and entered the ip address of one system
and
the domain of the other ex. "mydomain.com" stopped the ftp server and
restarted it.
but
i still have hackers trying to login to my ftp server.

when does the "denied all " take effect? after they login? , I thought
it
would not respond to any request to login, unless it was in the
exceptions
list.
did I not set it up correctly or is this how the "denied all" works?

TIA

system info
nt 4.0 server sp 6a
iis 4.0
applied half of the "harden nt server" suggestion ( i.e. stopping
unneeded
services and removing shares, etc)










.

Relevant Pages

  • 500 "LPRT 6,16,0,0,0,0...,34,113,2,7,184 New Information
    ... Cleared up an issue with our firewall and now, ... access to the FTP site from our internal network, ... from a machine outside our internal network results in the ... connecting to 192.xxx.xxx.xxx:4774 ...
    (microsoft.public.inetserver.iis.ftp)
  • Re: mapping logins to virtual directories in IIS5s FTP server...
    ... >I have a default FTP site with a particular user account set up. ... Anyone using that user account can login to the FTP server ... How To Set Up an FTP Site So That Users Log Onto Their Folders ...
    (microsoft.public.inetserver.iis.ftp)
  • Re: FTPGetFile
    ... Are you sure your code is connecting to ... the same FTP site that you're using to determine the files don't exist? ... > Would anyone here know why FtpGetFile would return files that dont exist ...
    (microsoft.public.vb.winapi)
  • Re: FTP directory security setup.
    ... I think it logged the connecting IP as well, ... i still have hackers trying to login to my ftp server. ...
    (microsoft.public.inetserver.iis.security)
  • RE: FTP Browser login Access
    ... In the Properties of FTP site, ... Microsoft CSS Online Newsgroup Support ... <Thread-Topic: FTP Browser login Access ...
    (microsoft.public.windows.server.sbs)