Re: FTP directory security setup.

Yes, you need to restart the ftp site as it cached the setting by default.

Next, regarding the connection reset by peer. how big is the file? could be
client or networking issue.
have you try a decent ftp client?

--
Regards,
Bernard Cheah
http://www.iis.net/
http://msmvps.com/blogs/bernard/


"tdr" <tdr@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6A788473-5F99-4ACA-B814-970D8F031EF3@xxxxxxxxxxxxxxxx
I'm seeing it now.
I need to stop the service not the ftp site, before the changes took
effect.

now i'm gettig "Connection reset by peer" when downloading the large
files.

"Bernard Cheah [MVP]" wrote:

Yes, just denied all then allow your ip only.
I think it logged the connecting IP as well, even they are blocked.
you seeing 530 error right ?

--
Regards,
Bernard Cheah
http://www.iis.net/
http://msmvps.com/blogs/bernard/


"tdr" <tdr@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:9B470567-D58B-49D7-97C7-FFA495D4B0BF@xxxxxxxxxxxxxxxx
i'll try only the ip.
does the "deny all" restrict local ip such as 192.168.1.x? ,
if so I can test with that ip address, dlocking it and allowing it.
otherwise I need to find someone outside my network.

but to answer the questions.

yes, I do see other ip address' trying to connect.
the log shows several attempts to enter a user name and password from
ip
address' in NY, TX, poland, etc...

"Bernard Cheah [MVP]" wrote:

NT4 :) Denied all but... should block all except those you entered.
It's been a while I look at NT4. can you just test it with ip address,
forget about the domain name restriction first.

can you connect with that IP ? do you see other IP connecting?

the restriction took place when user connect before auth. you are
seeing
otherwise ?

--
Regards,
Bernard Cheah
http://www.iis.net/
http://msmvps.com/blogs/bernard/


"tdr" <tdr@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5EAEE768-9C15-40E9-8B6D-D3BBB91FFB21@xxxxxxxxxxxxxxxx
I'm trying to stop hackers from trying to accessing my ftp server.

I've tried to use the 'directory serurity' tab and "denied all" but
the
few
users I want to access my ftp site.
I've select "denied all but" and entered the ip address of one
system
and
the domain of the other ex. "mydomain.com" stopped the ftp server
and
restarted it.
but
i still have hackers trying to login to my ftp server.

when does the "denied all " take effect? after they login? , I
thought
it
would not respond to any request to login, unless it was in the
exceptions
list.
did I not set it up correctly or is this how the "denied all" works?

TIA

system info
nt 4.0 server sp 6a
iis 4.0
applied half of the "harden nt server" suggestion ( i.e. stopping
unneeded
services and removing shares, etc)












.

Relevant Pages

  • Re: Limiting FTP User Access
    ... nothing under the root except the folder they need access to. ... How To Set Up an FTP Site So That Users Log Onto Their Folders: ... Set Up an FTP Server in Windows Server 2003 ... How To Limit Access to a FTP Site in Windows Server 2003: ...
    (microsoft.public.inetserver.iis.ftp)
  • Re: FTP directory security setup.
    ... I need to stop the service not the ftp site, ... I think it logged the connecting IP as well, ... i still have hackers trying to login to my ftp server. ...
    (microsoft.public.inetserver.iis.security)
  • X-fering project files to FTP server
    ... my FTP server, so that my parter may copy the files and also work on the ... then repost them to my FTP site. ... dektop cannot open the solution file. ...
    (microsoft.public.dotnet.general)
  • Re: FTP Server
    ... This is for the Windows 2000 FTP Server. ... > Thanks for the virtual folder trick, ... > Make virtual folders in the FTP site wuth the same name as the user. ...
    (microsoft.public.win2000.general)
Quantcast