RE: Binding FTP Server Service to Internal Network Card

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: v-edtian@xxxxxxxxxxxxxxxxxxxx (Edward Tian)
Date: Wed, 17 Aug 2005 10:04:59 GMT

Hi Alex:
Thank you for your post. I would also like to thank for all your comments.

I agree with you. It is recommended that FTP service be bound to internal
NIC, which makes traffic more secure.
If you intend to put sensitive data on your FTP site, or if secure
communications is important, consider using FTP over an encrypted channel
such as a virtual private network (VPN) that is secured with Point-to-Point
Tunneling Protocol (PPTP) or Secure Internet Protocol (IPSec). Or, consider
using Web Authoring with Web-based Distributed Authoring and Versioning
(WebDAV). WebDAV uses Secure Sockets Layer (SSL).
FTP exchanges content and user credentials in plaintext, we may need to use
VPN to encrypt the traffic.

Please feel free to let me know if you have any concerns.

Have a nice day!

Best Regards
Edward Tian(MSFT)
Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| From: "Alex" <alex@xxxxxx>
| Subject: Binding FTP Server Service to Internal Network Card
| Date: Tue, 16 Aug 2005 16:48:11 -0400
| Lines: 23
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
| X-RFC2646: Format=Flowed; Original
| Message-ID: <eQamMPqoFHA.708@xxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: adsl-070-155-022-138.sip.mia.bellsouth.net
70.155.22.138
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:144990
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Greetings everyone,
|
| In Harry Brelsford's "Windows SBS 2003 Best Practices" (An awesome book,
| btw!), Harry mentions that an extra security practice would be to bind
the
| ftp service to the internal NIC of the server. This would require a VPN
| connection prior to connecting to the FTP.
|
| My question is this:
|
| Would you recommend this scenario to customers that have customers with
| which they need to ftp?
|
| If so, I'm guessing user accounts would need to be created for each
customer
| that will be connecting, and then extra steps would need to be taken to
| ensure that they do not access anything else on the server. Am I correct
in
| my thinking?
|
| -Alex
| AMDG
|
| To send e-mail, substitue tunonenterprises for te.
|
|
|

.

Follow-Ups:
- Re: Binding FTP Server Service to Internal Network Card
  - From: Alex

References:
- Binding FTP Server Service to Internal Network Card
  - From: Alex

Prev by Date: Re: Error backing up the Registry
Next by Date: RE: mail relay problems setting up
Previous by thread: Re: Binding FTP Server Service to Internal Network Card
Next by thread: Re: Binding FTP Server Service to Internal Network Card
Index(es):
- Date
- Thread

Relevant Pages

Re: Binding FTP Server Service to Internal Network Card
... It is recommended that FTP service be bound to internal ... which makes traffic more secure. ... > Microsoft CSS Online Newsgroup Support ... > This newsgroup only focuses on SBS technical issues. ...
(microsoft.public.windows.server.sbs)
RE: Installing a webserver
... If you intend to put sensitive data on your FTP site, ... Tunneling Protocol or Secure Internet Protocol. ... WebDAV uses Secure Sockets Layer. ... Microsoft PSS Security ...
(microsoft.public.inetserver.iis.security)
Re: FTP versus Copy
... Remember what copy was meant for: copying small, local files. ... would recommend WebDAV over ftp. ... benchmark compressing the file before sending. ...
(microsoft.public.win2000.general)
Re: Xbox Downloading
... >> Can anyone recommend and ftp or http sites they use for downloading xbox ...
(alt.games.video.xbox)
Re: Independent FTP Hosting for Projects
... Can anyone recommend an FTP hosting site/service for project ... Our exchange server is getting swamped by the need to ... communicate large drawing files, so I need a straight forward ... I'd start by asking your webhosting company whether they offer FTP ...
(microsoft.public.windows.server.general)