Re: Is there any problem by running both ftp and Http in the same Machine

From: Roger Abell [MVP] (mvpNoSpam_at_asu.edu)
Date: 10/27/04


Date: Tue, 26 Oct 2004 22:42:54 -0700

Going beyond the need to have the machine and those services
properly configured, the biggest warning flag resulting from the running
of those three that I saw was FTP and its clear-text login weakness.
You might want to look into use of secure FTP instead of the FTP for
Window 2000 from MS.
(As was implied in prior reply, if the SQL is only going to interact with
your application on the same box, make sure tcp 1433/1434 are not
exposed.)

-- 
Roger Abell
"Andrew Mitchell" <amitchell@removecasey.vic.gov.au> wrote in message 
news:Xns958F3E767CA2casey01@207.46.248.16...
> "Aneesh" <aneesh.r@eostek.com> said
>
>> Hi,
>> I am very new to Windows 2000 security. V r planning to host our new
>> product which uses ftp, http, and SQL server.  i just wanna know, will
>> there be any pbms from the hackers,by running all these in the same
>> machine? if so how can we overcome this without using several individual
>> servers. I just wanna ensure that only some predefined members can
>> access the ftp. Pls explain the detail steps.
>
> FTP and HTTP should be fine. Are you planning on running SQL on the same 
> box?
> If so, I'd recommend you put the server behind a firewall and only open 
> ports
> 80 and 21 for incoming traffic.
>
> Just make sure you have all service packs, run the IISLockdown tool, and
> follow the steps in the Windows 2000 hardening guide.
> http://www.microsoft.com/technet/Security/prodtech/win2000/win2khg/05sconfg.m
> spx
>
> The IIS5 security checklist is also a good resouce and can be found at
> http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis
> /tips/iis5chk.mspx
>
> -- 
> Andy
> 


Relevant Pages

  • Ftp over activesync
    ... now the problem could come from activesync 4.5 and windows ce 5.0 or it's ... computer and retrives some files from the FTP server. ...
    (microsoft.public.windowsce.app.development)
  • Re: FTP Setup in WIndows 2000 help
    ... Thank you for responding Bernard. ... The more I use Win2k Server the more I realize I am no IT guy... ... So FTP is still not working and now I seem to have broken forms on the ... to set up a basic login FTP service on a Windows ...
    (microsoft.public.inetserver.iis.ftp)
  • Re: Sql Server 2005 Dev. Ed. on Windows Server 2003
    ... Check out this KB which is about transferring Logins: http://support.microsoft.com/kb/246133 ... Also, since this is running on a newly installed Windows Server 2003, is ... them from your older SQL Server instance to the newer one. ...
    (microsoft.public.sqlserver.setup)
  • Re: New Windows Infrastructure
    ... vendor's application runs on windows with an SQL database and I will also need a web server for a separate module which will allow our customers to access account data online. ... I would think that if the app runs on windows, I do not need the citrix server. ... It makes sense to have separate DCs though, because let's say you want to upgrade your Active Directory in two weeks time, with separate DCs it's easy, but if you've got a bunch of apps installed it could be a nightmare. ...
    (microsoft.public.win2000.setup_deployment)
  • Re: OpenSSH Windows Security
    ... SFTP is typically defined as using an SSH capable FTP client to connect ... It uses the "native" commands on the server to provide ... (does Tuxcmd have a Windows port)? ...
    (alt.computer.security)