Nathan Champion <nathan@krayup.com> wrote:

> I'm looking for a way of disabling FTP login access to specific users
> in order to prevent password guessing attempts. I've spent some time
> searching for a solution on the internet but only seem to get results
> on isolation details and iislockdown etc.

"Robin Walker [MVP]" <rdhw@cam.ac.uk> wrote in message
news:%23CLi7f1mGHA.4208@TK2MSFTNGP04.phx.gbl...
> Nathan Champion <nathan@krayup.com> wrote:
>
>> I'm looking for a way of disabling FTP login access to specific users
>> in order to prevent password guessing attempts. I've spent some time
>> searching for a solution on the internet but only seem to get results
>> on isolation details and iislockdown etc.
>
> If you had a strong enough password for Administrator, it could not
> reasonably be attacked by FTP transactions within the life of your server.
>
> However, if you must, use FTP Isolated user mode and create an FTP home
> directory for Administrator to which Administrator has no access.
>
> --
> Robin Walker [MVP Networking]
> rdhw@cam.ac.uk
>

"Nathan Champion" wrote:

> Hi all,
>
> I'm looking for a way of disabling FTP login access to specific users in
> order to prevent password guessing attempts. I've spent some time searching
> for a solution on the internet but only seem to get results on isolation
> details and iislockdown etc. See below for an example of what I'm trying to
> prevent:
>
> F:\>ftp x.x.x.x
> Connected to x.x.x.x.
> 220 Microsoft FTP Service
> User (x.x.x.x:(none)): administrator
> 331 Password required for administrator.
> Password:
> 530 User administrator cannot log in.
> Login failed.
> ftp> quit
> 221
>
> (repeat until password is guessed)
>
> F:\>ftp x.x.x.x
> Connected to x.x.x.x.
> 220 Microsoft FTP Service
> User (x.x.x.x:(none)): administrator
> 331 Password required for administrator.
> Password:
> 230 User administrator logged in.
> ftp> quit
> 221
>
> Any ideas would be appreciated - apologies that this has probably already
> come up in the past.
>
>