Re: FTP directory security setup.

---

• From: tdr <tdr@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Tue, 30 Oct 2007 13:55:00 -0700

---

it's either my rounter or at the firewall at the remote site, a sniffer would
help.

I'm going to see if another site can access the files.
if they can't, i'll start a new thread.

Thanks for all the help.

"Bernard Cheah [MVP]" wrote:

More like networking issue to me, if it works internally.
What I can is that... if connection is slow or not stable between client and
server, these things happen. Best is to get network sniffer to look at
what's going on.

--
Regards,
Bernard Cheah
http://www.iis.net/
http://msmvps.com/blogs/bernard/


"tdr" <tdr@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:ADAC3C7D-4241-498B-ADC7-39276D2BDD9A@xxxxxxxxxxxxxxxx

I had the remote site tried to download a small file that worked.
when they tried to download a large file >900 meg the get only a small
part
of the file, I think thay said 35kb (not sure about the size) but it is
the
same size for all files that they try to download.

is there a limit restriction in iis 4.0 or Xp that can be set?

TIA

"Bernard Cheah [MVP]" wrote:

Yes, you need to restart the ftp site as it cached the setting by
default.

Next, regarding the connection reset by peer. how big is the file? could
be
client or networking issue.
have you try a decent ftp client?

--
Regards,
Bernard Cheah
http://www.iis.net/
http://msmvps.com/blogs/bernard/


"tdr" <tdr@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6A788473-5F99-4ACA-B814-970D8F031EF3@xxxxxxxxxxxxxxxx

I'm seeing it now.
I need to stop the service not the ftp site, before the changes took
effect.

now i'm gettig "Connection reset by peer" when downloading the large
files.

"Bernard Cheah [MVP]" wrote:

Yes, just denied all then allow your ip only.
I think it logged the connecting IP as well, even they are blocked.
you seeing 530 error right ?

--
Regards,
Bernard Cheah
http://www.iis.net/
http://msmvps.com/blogs/bernard/


"tdr" <tdr@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:9B470567-D58B-49D7-97C7-FFA495D4B0BF@xxxxxxxxxxxxxxxx

i'll try only the ip.
does the "deny all" restrict local ip such as 192.168.1.x? ,
if so I can test with that ip address, dlocking it and allowing it.
otherwise I need to find someone outside my network.

but to answer the questions.

yes, I do see other ip address' trying to connect.
the log shows several attempts to enter a user name and password
from
ip
address' in NY, TX, poland, etc...

"Bernard Cheah [MVP]" wrote:

NT4 :) Denied all but... should block all except those you entered.
It's been a while I look at NT4. can you just test it with ip
address,
forget about the domain name restriction first.

can you connect with that IP ? do you see other IP connecting?

the restriction took place when user connect before auth. you are
seeing
otherwise ?

--
Regards,
Bernard Cheah
http://www.iis.net/
http://msmvps.com/blogs/bernard/


"tdr" <tdr@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5EAEE768-9C15-40E9-8B6D-D3BBB91FFB21@xxxxxxxxxxxxxxxx

I'm trying to stop hackers from trying to accessing my ftp
server.

I've tried to use the 'directory serurity' tab and "denied all"
but
the
few
users I want to access my ftp site.
I've select "denied all but" and entered the ip address of one
system
and
the domain of the other ex. "mydomain.com" stopped the ftp
server
and
restarted it.
but
i still have hackers trying to login to my ftp server.

when does the "denied all " take effect? after they login? , I
thought
it
would not respond to any request to login, unless it was in the
exceptions
list.
did I not set it up correctly or is this how the "denied all"
works?

TIA

system info
nt 4.0 server sp 6a
iis 4.0
applied half of the "harden nt server" suggestion ( i.e. stopping
unneeded
services and removing shares, etc)

.

---

• References:
  • Re: FTP directory security setup.
    • From: Bernard Cheah [MVP]
  • Re: FTP directory security setup.
    • From: tdr
  • Re: FTP directory security setup.
    • From: Bernard Cheah [MVP]
  • Re: FTP directory security setup.
    • From: tdr
  • Re: FTP directory security setup.
    • From: Bernard Cheah [MVP]
  • Re: FTP directory security setup.
    • From: tdr
  • Re: FTP directory security setup.
    • From: Bernard Cheah [MVP]

• Prev by Date: Re: Basic Authentication fails with Error 401.2 where Integrated s
• Next by Date: Re: Basic Authentication fails with Error 401.2 where Integrated s
• Previous by thread: Re: FTP directory security setup.
• Next by thread: Re: Remote administration
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: FTP question ... |> I have one server that has had connectivity issues this past week ... |> directed at trying yet another ftp software. ... |> or an error about the socket connection. ... |> own modem and a Linksey router using Xp 64bit system. ... (microsoft.public.windowsxp.network_web) [Full-disclosure] PlatinumFTP 1.0.18 remote DoS ... PlatinumFTPserver simplifies management of all your Ftp clients with ... PlatinumFTP 1.0.18 server. ... remote server has closed connection ... Second Bug: ... (Full-Disclosure) PlatinumFTP 1.0.18 remote DoS ... PlatinumFTPserver simplifies management of all your Ftp clients with ... PlatinumFTP 1.0.18 server. ... remote server has closed connection ... Second Bug: ... (Bugtraq) Re: Windows 2003 SP2 and FTP ... with the windows firewall for our exchange servers. ... connect to the exchange server, we must disable the protect all connections ... Do you have anonymous access to your ftp enabled? ... "Connection closed by remote host". ... (microsoft.public.inetserver.iis.ftp) Re: Telnet/ftp problems SBS2000 ... | through the server to get internet access everything works. ... | client uses an internet backup company to backup his really vital data, ... I understand that you cannot use ftp service to ... the connection can be established ... (microsoft.public.windows.server.sbs)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)