Re: Suggestions
- From: "Robert Moir" <robspamtrap+msnews@xxxxxxxxx>
- Date: Sat, 28 Jan 2006 17:37:55 -0000
Bad Beagle wrote:
> I am doing some consolidation of Windows 2003 IIS servers. What is
> more secure - to have 1 ftp server shared by all IIS servers using
> virutual directories or running 4 individual ftp servers without
> virutual directories and using ntfs to lock it down? Any suggestions
> would be appreciated.
To add to Roger's advice, I'd say that I'd prefer to run as few FTP servers
as possible because the more services you have to administer the higher the
chance that a setting could be forgotten or applied incorrectly somewhere.
FTP isn't really designed for secure communication, and if you want to do
anything other than providing a simple download point via anonymous FTP then
Microsoft's FTP server relies on the administrator having a very good
understanding of both the FTP service itself and of general windows admin
skills in general.
As such, deciding which design provides you with the simplest possible
implementation, and sticking to that simple implementation is going to
greatly improve your security.
--
--
Rob Moir, MS MVP
Blog Site - http://www.robertmoir.com
Virtual PC 2004 FAQ - http://www.robertmoir.co.uk/win/VirtualPC2004FAQ.html
I'm always surprised at "professionals" who STILL have to be asked "Have you
checked (event viewer / syslog)".
.
- References:
- Suggestions
- From: Bad Beagle
- Suggestions
- Prev by Date: Re: Netlogon /Sysvol
- Next by Date: Re: Issue cert to member of untrusted domain
- Previous by thread: Re: Suggestions
- Next by thread: What is the difference between logging into an AD Domain versus connecting to network resource?
- Index(es):
Relevant Pages
|
|
