| Groups | Blog | Home |
iis security : FTP Questions
I'm running one W2K box with IIS 5.0. I have 100 domains on it. I need
to have user have FTP access to their websites. I have a seperate server I can setup as an FTP server , but I am looking at the best way for security. these two server are in there own workgroups out on my DMZ on my firewall. I was looking at a third party FTP product like Serv-U. Would setting up the FTP server for none domain users and having a mapped drive to my webserver for the domain user to be able to FTP in and get to their domains work? If not, what solutions would
I setup the MS ftp, too time consuming and difficult to manage. Is
there an advantage to having Serv-U running on it;s own server just for FTP , then mapping a drive to my web server for users to update their websites. or is there a better way? On Thu, 05 Feb 2004 20:58:28 GMT, jcochran.nospam@naplesgov.com (Jeff [quoted text, click to view] Cochran) wrote:
>On Thu, 05 Feb 2004 15:32:42 -0500, Pat <htech@hotmail.com> wrote: > >>I'm running one W2K box with IIS 5.0. I have 100 domains on it. I need >>to have user have FTP access to their websites. I have a seperate >>server I can setup as an FTP server , but I am looking at the best way >>for security. these two server are in there own workgroups out on my >>DMZ on my firewall. I was looking at a third party FTP product like >>Serv-U. Would setting up the FTP server for none domain users and >>having a mapped drive to my webserver for the domain user to be able >>to FTP in and get to their domains work? If not, what solutions would >>work? > >I prefer WSFTPD to ServU, but both will work fine. You can use the MS >FTP server, though features are lacking for your bneeds. > >Jeff
[quoted text, click to view]
On Thu, 05 Feb 2004 15:32:42 -0500, Pat <htech@hotmail.com> wrote: >I'm running one W2K box with IIS 5.0. I have 100 domains on it. I need >to have user have FTP access to their websites. I have a seperate >server I can setup as an FTP server , but I am looking at the best way >for security. these two server are in there own workgroups out on my >DMZ on my firewall. I was looking at a third party FTP product like >Serv-U. Would setting up the FTP server for none domain users and >having a mapped drive to my webserver for the domain user to be able >to FTP in and get to their domains work? If not, what solutions would >work? I prefer WSFTPD to ServU, but both will work fine. You can use the MS FTP server, though features are lacking for your bneeds.
In article <lp95201v5ied7f061rto4q9ikjq53nr779@4ax.com>,
htech@hotmail.com says... [quoted text, click to view] > I'm running one W2K box with IIS 5.0. I have 100 domains on it. I need > to have user have FTP access to their websites. I have a seperate > server I can setup as an FTP server , but I am looking at the best way > for security. these two server are in there own workgroups out on my > DMZ on my firewall. I was looking at a third party FTP product like > Serv-U. Would setting up the FTP server for none domain users and > having a mapped drive to my webserver for the domain user to be able > to FTP in and get to their domains work? If not, what solutions would > work? I'm running server zilla on several systems, while it does not work with NTFS permissions, you can create groups of users, each user or group and be directed to a folder, and there is also bandwidth throttling in it. The FTP server in IIS, while it does work, if you create folders for each user name they can still up one folder and see the others even if they can't get into them. For my solution I just setup a 500GB RAID 1, make partitions for each web site and point the IIS Web site and the Serverzilla FTP for each user at the partition - this way they can't go over their quota, and it does not rely on the OS to make it happen. Seems to work well. -- -- spamfree999@rrohio.com
how many domains are you running? I can see it working with a dozen or
so, but not with 100. thanks [quoted text, click to view] On Thu, 05 Feb 2004 23:07:40 GMT, Leythos <void@nowhere.com> wrote:
>In article <lp95201v5ied7f061rto4q9ikjq53nr779@4ax.com>, >htech@hotmail.com says... >> I'm running one W2K box with IIS 5.0. I have 100 domains on it. I need >> to have user have FTP access to their websites. I have a seperate >> server I can setup as an FTP server , but I am looking at the best way >> for security. these two server are in there own workgroups out on my >> DMZ on my firewall. I was looking at a third party FTP product like >> Serv-U. Would setting up the FTP server for none domain users and >> having a mapped drive to my webserver for the domain user to be able >> to FTP in and get to their domains work? If not, what solutions would >> work? > >I'm running server zilla on several systems, while it does not work with >NTFS permissions, you can create groups of users, each user or group and >be directed to a folder, and there is also bandwidth throttling in it. > >The FTP server in IIS, while it does work, if you create folders for >each user name they can still up one folder and see the others even if >they can't get into them. > >For my solution I just setup a 500GB RAID 1, make partitions for each >web site and point the IIS Web site and the Serverzilla FTP for each >user at the partition - this way they can't go over their quota, and it >does not rely on the OS to make it happen. > >Seems to work well. > > >--
In article <80u6209ss6c6vc9gonrqhs9594l1iprmm1@4ax.com>,
htech@hotmail.com says... [quoted text, click to view] > how many domains are you running? I can see it working with a dozen or > so, but not with 100. thanks > > On Thu, 05 Feb 2004 23:07:40 GMT, Leythos <void@nowhere.com> wrote: > > >In article <lp95201v5ied7f061rto4q9ikjq53nr779@4ax.com>, > >htech@hotmail.com says... > >> I'm running one W2K box with IIS 5.0. I have 100 domains on it. I need > >> to have user have FTP access to their websites. I have a seperate > >> server I can setup as an FTP server , but I am looking at the best way > >> for security. these two server are in there own workgroups out on my > >> DMZ on my firewall. I was looking at a third party FTP product like > >> Serv-U. Would setting up the FTP server for none domain users and > >> having a mapped drive to my webserver for the domain user to be able > >> to FTP in and get to their domains work? If not, what solutions would > >> work? > > > >I'm running server zilla on several systems, while it does not work with > >NTFS permissions, you can create groups of users, each user or group and > >be directed to a folder, and there is also bandwidth throttling in it. > > > >The FTP server in IIS, while it does work, if you create folders for > >each user name they can still up one folder and see the others even if > >they can't get into them. > > > >For my solution I just setup a 500GB RAID 1, make partitions for each > >web site and point the IIS Web site and the Serverzilla FTP for each > >user at the partition - this way they can't go over their quota, and it > >does not rely on the OS to make it happen. > > > >Seems to work well. Assuming that you were going to bottom post, so that we could determine who you were replying to, I'll assume that you asked me: The number of domains doesn't matter - the software permits groups and then users. You have to login as a user, but you don't have to belong to a group - groups just make it easy to manage permissions. The software for the FTP server does not use Windows Authentication, so you don't have a limit to domains. -- -- spamfree999@rrohio.com
[quoted text, click to view]
On Fri, 06 Feb 2004 12:15:39 GMT, Leythos <void@nowhere.com> wrote:
>In article <80u6209ss6c6vc9gonrqhs9594l1iprmm1@4ax.com>, >htech@hotmail.com says... >> how many domains are you running? I can see it working with a dozen or >> so, but not with 100. thanks >> >> On Thu, 05 Feb 2004 23:07:40 GMT, Leythos <void@nowhere.com> wrote: >> >> >In article <lp95201v5ied7f061rto4q9ikjq53nr779@4ax.com>, >> >htech@hotmail.com says... >> >> I'm running one W2K box with IIS 5.0. I have 100 domains on it. I need >> >> to have user have FTP access to their websites. I have a seperate >> >> server I can setup as an FTP server , but I am looking at the best way >> >> for security. these two server are in there own workgroups out on my >> >> DMZ on my firewall. I was looking at a third party FTP product like >> >> Serv-U. Would setting up the FTP server for none domain users and >> >> having a mapped drive to my webserver for the domain user to be able >> >> to FTP in and get to their domains work? If not, what solutions would >> >> work? >> > >> >I'm running server zilla on several systems, while it does not work with >> >NTFS permissions, you can create groups of users, each user or group and >> >be directed to a folder, and there is also bandwidth throttling in it. >> > >> >The FTP server in IIS, while it does work, if you create folders for >> >each user name they can still up one folder and see the others even if >> >they can't get into them. >> > >> >For my solution I just setup a 500GB RAID 1, make partitions for each >> >web site and point the IIS Web site and the Serverzilla FTP for each >> >user at the partition - this way they can't go over their quota, and it >> >does not rely on the OS to make it happen. >> > >> >Seems to work well. > >Assuming that you were going to bottom post, so that we could determine >who you were replying to, I'll assume that you asked me: > >The number of domains doesn't matter - the software permits groups and >then users. You have to login as a user, but you don't have to belong to >a group - groups just make it easy to manage permissions. > >The software for the FTP server does not use Windows Authentication, so >you don't have a limit to domains. > >--
On Fri, 06 Feb 2004 19:18:59 GMT, jcochran.nospam@naplesgov.com (Jeff
[quoted text, click to view] Cochran) wrote: >On Thu, 05 Feb 2004 16:46:42 -0500, Pat <htech@hotmail.com> wrote: > >>I setup the MS ftp, too time consuming and difficult to manage. Is >>there an advantage to having Serv-U running on it;s own server just >>for FTP , then mapping a drive to my web server for users to update >>their websites. or is there a better way? > >Run it on the web server itself. > >Jeff I have it on the web server now, but are there any security issues running FTP on a webserver? Pat [quoted text, click to view] >
>>On Thu, 05 Feb 2004 20:58:28 GMT, jcochran.nospam@naplesgov.com (Jeff >>Cochran) wrote: >> >>>On Thu, 05 Feb 2004 15:32:42 -0500, Pat <htech@hotmail.com> wrote: >>> >>>>I'm running one W2K box with IIS 5.0. I have 100 domains on it. I need >>>>to have user have FTP access to their websites. I have a seperate >>>>server I can setup as an FTP server , but I am looking at the best way >>>>for security. these two server are in there own workgroups out on my >>>>DMZ on my firewall. I was looking at a third party FTP product like >>>>Serv-U. Would setting up the FTP server for none domain users and >>>>having a mapped drive to my webserver for the domain user to be able >>>>to FTP in and get to their domains work? If not, what solutions would >>>>work? >>> >>>I prefer WSFTPD to ServU, but both will work fine. You can use the MS >>>FTP server, though features are lacking for your bneeds. >>> >>>Jeff
[quoted text, click to view]
On Thu, 05 Feb 2004 16:46:42 -0500, Pat <htech@hotmail.com> wrote: >I setup the MS ftp, too time consuming and difficult to manage. Is >there an advantage to having Serv-U running on it;s own server just >for FTP , then mapping a drive to my web server for users to update >their websites. or is there a better way? Run it on the web server itself. Jeff [quoted text, click to view] >On Thu, 05 Feb 2004 20:58:28 GMT, jcochran.nospam@naplesgov.com (Jeff
>Cochran) wrote: > >>On Thu, 05 Feb 2004 15:32:42 -0500, Pat <htech@hotmail.com> wrote: >> >>>I'm running one W2K box with IIS 5.0. I have 100 domains on it. I need >>>to have user have FTP access to their websites. I have a seperate >>>server I can setup as an FTP server , but I am looking at the best way >>>for security. these two server are in there own workgroups out on my >>>DMZ on my firewall. I was looking at a third party FTP product like >>>Serv-U. Would setting up the FTP server for none domain users and >>>having a mapped drive to my webserver for the domain user to be able >>>to FTP in and get to their domains work? If not, what solutions would >>>work? >> >>I prefer WSFTPD to ServU, but both will work fine. You can use the MS >>FTP server, though features are lacking for your bneeds. >> >>Jeff
[quoted text, click to view]
On Fri, 06 Feb 2004 14:18:58 -0500, Pat <htech@hotmail.com> wrote: >On Fri, 06 Feb 2004 19:18:59 GMT, jcochran.nospam@naplesgov.com (Jeff >Cochran) wrote: > >>On Thu, 05 Feb 2004 16:46:42 -0500, Pat <htech@hotmail.com> wrote: >> >>>I setup the MS ftp, too time consuming and difficult to manage. Is >>>there an advantage to having Serv-U running on it;s own server just >>>for FTP , then mapping a drive to my web server for users to update >>>their websites. or is there a better way? >> >>Run it on the web server itself. >> >>Jeff > >I have it on the web server now, but are there any security issues >running FTP on a webserver? Of course there are. Just as there are security issues with running FTP on a separate system that connects to the web server. Except that running on the web server eliminates the second potentially insecure box, the potentially insecure connection between boxes and so on. You'll find that if you can't secure your FTP server on the same box as the files available to it, you're certainly not going to secure it any better with a second box involved. Jeff [quoted text, click to view] >Pat
>> >>>On Thu, 05 Feb 2004 20:58:28 GMT, jcochran.nospam@naplesgov.com (Jeff >>>Cochran) wrote: >>> >>>>On Thu, 05 Feb 2004 15:32:42 -0500, Pat <htech@hotmail.com> wrote: >>>> >>>>>I'm running one W2K box with IIS 5.0. I have 100 domains on it. I need >>>>>to have user have FTP access to their websites. I have a seperate >>>>>server I can setup as an FTP server , but I am looking at the best way >>>>>for security. these two server are in there own workgroups out on my >>>>>DMZ on my firewall. I was looking at a third party FTP product like >>>>>Serv-U. Would setting up the FTP server for none domain users and >>>>>having a mapped drive to my webserver for the domain user to be able >>>>>to FTP in and get to their domains work? If not, what solutions would >>>>>work? >>>> >>>>I prefer WSFTPD to ServU, but both will work fine. You can use the MS >>>>FTP server, though features are lacking for your bneeds. >>>> >>>>Jeff
In article <7bj720d3fni0tmdarbic5vikcbu8uijgjk@4ax.com>,
htech@hotmail.com says... [quoted text, click to view] > On Fri, 06 Feb 2004 12:15:39 GMT, Leythos <void@nowhere.com> wrote: > > >In article <80u6209ss6c6vc9gonrqhs9594l1iprmm1@4ax.com>, > >htech@hotmail.com says... > >> how many domains are you running? I can see it working with a dozen or > >> so, but not with 100. thanks > >> > >> On Thu, 05 Feb 2004 23:07:40 GMT, Leythos <void@nowhere.com> wrote: > >> > >> >In article <lp95201v5ied7f061rto4q9ikjq53nr779@4ax.com>, > >> >htech@hotmail.com says... > >> >> I'm running one W2K box with IIS 5.0. I have 100 domains on it. I need > >> >> to have user have FTP access to their websites. I have a seperate > >> >> server I can setup as an FTP server , but I am looking at the best way > >> >> for security. these two server are in there own workgroups out on my > >> >> DMZ on my firewall. I was looking at a third party FTP product like > >> >> Serv-U. Would setting up the FTP server for none domain users and > >> >> having a mapped drive to my webserver for the domain user to be able > >> >> to FTP in and get to their domains work? If not, what solutions would > >> >> work? > >> > > >> >I'm running server zilla on several systems, while it does not work with > >> >NTFS permissions, you can create groups of users, each user or group and > >> >be directed to a folder, and there is also bandwidth throttling in it. > >> > > >> >The FTP server in IIS, while it does work, if you create folders for > >> >each user name they can still up one folder and see the others even if > >> >they can't get into them. > >> > > >> >For my solution I just setup a 500GB RAID 1, make partitions for each > >> >web site and point the IIS Web site and the Serverzilla FTP for each > >> >user at the partition - this way they can't go over their quota, and it > >> >does not rely on the OS to make it happen. > >> > > >> >Seems to work well. > > > >Assuming that you were going to bottom post, so that we could determine > >who you were replying to, I'll assume that you asked me: > > > >The number of domains doesn't matter - the software permits groups and > >then users. You have to login as a user, but you don't have to belong to > >a group - groups just make it easy to manage permissions. > > > >The software for the FTP server does not use Windows Authentication, so > >you don't have a limit to domains. > > > >-- > but your still setting up a partition for each domain? Yes, I setup a drive partition for each company that uses the space. If they want to expand, I create a larger partition, copy the files, repoint the session to it. This way I don't have to mess with NTFS or OS accounts. -- -- spamfree999@rrohio.com
In article <4025ae40.203150394@msnews.microsoft.com>,
[quoted text, click to view] jcochran.nospam@naplesgov.com (Jeff Cochran) wrote: >I prefer WSFTPD to ServU, but both will work fine. You can use the MS >FTP server, though features are lacking for your bneeds. I'm hoping you mean WFTPD - I'd hate to lose a user. Alun. ~~~~ [Please don't email posters, if a Usenet response is appropriate.] -- Texas Imperial Software | Find us at http://www.wftpd.com or email 1602 Harvest Moon Place | alun@texis.com. Cedar Park TX 78613-1419 | WFTPD, WFTPD Pro are Windows FTP servers.
Don't see what you're looking for? Try a search.
|
June 2003
July 2003
August 2003
September 2003
October 2003
November 2003
December 2003
January 2004
February 2004
March 2004
April 2004
May 2004
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
December 2007
January 2008
February 2008
March 2008
April 2008
May 2008
June 2008
| home · blog · groups | Questions? Comments? Contact the dn |