You can separate the OS users from ftp users by using a SQL backend to
authenticate. I have done this once but not sure if it works with
chroot jails.
Kosala
On Jan 18, 2008 11:02 PM, Andrea Gatta <andrea.gatta@gmail.com> wrote:
Hi Lauren,
not sure if it's possible using IIS but I would say that the best way
to lock down an FTP server might be starting to use a chroot
configuration. On some OS like Freebsd you can even go for a jailed
configuration which is even more strict than a simple plain chroot.
The main goal is, instead of allowing total access to the system,
limit access to a given and fixed part of the file system. That is,
once the user has logged into the system he/her will "see" only
his/her resources and nothing else. For example the command "cd /"
will only take the user to his/her "root" i.e. /home/user.
As I said, I'm not sure that this configuration is possible using IIS
but you may want to use proftpd which supports the chroot
configuration
Cheers,
Andrea.
On 18 Jan 2008 18:57:57 -0000, <lauren.malhoit@tylertech.com> wrote:
I'm preparing to build a new FTP server using IIS (or an IIS server using
FTP??? I'm not sure). Anyway, I was wondering if anyone could recommend
some good sources on how to lock it down. I need to configure it for an
FTP site that anyone can get to and one that is password protected. Thanks
in advance!
--
Kosala
--------------------------------------------
Disclaimer: Views expressed in this mail are my personal views and
they would not reflect views of the employer.
--------------------------------------------
blog.kosala.net
www.linux.lk/~kosala/
www.kosala.net
