"Adam Raff" <adam@nospam.postalias> wrote in message
news:uAmJ$y$fGHA.1208@TK2MSFTNGP02.phx.gbl...
> Good Day,
>
> I am building a FTP server for our company, as of this time I am not sure
> what product I will be using weather it will be IIS or some third party
> ftp product. My first concern is best practice and security. What needs
> to be done and what are some of the better security issues I should
> enforce before installing anything.
>
> The system will be a Windows 2003 SP1 server (full patched). The system
> is behind a firewall using NAT. Our old FTP system is a Windows XP box
> but I wanted to get a little more out of it and decided to go with 2K3.
> Since I am new to this, these questions may be a little basic but I wanted
> to make sure that I got my infrastructure right and setup before moving
> on.
>
> If anybody can point me to some white papers that are basic security and
> tips that I can look through it would be a great help. If anybody would
> like to post ideas they are also welcome.
>
> For instance our old system is on our domain, or should it be part of a
> workgroup and not part of our domain?
> Should it be on a DMZ zone instead or is using NAT ok?
>
> The question that I asked may be simple but to me it's not. Over the last
> week or so I have seen in my logs that people have been knocking at my
> door per say. Which is the reason why I want to upgrade our FTP site and
> get a better handle on it and lock it down better.
>
> Thanks
> Adam Raff
>