Announcement

Collapse
No announcement yet.

how to protect my FTP server from attacks ?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • how to protect my FTP server from attacks ?

    Hi All!

    I recently installed server: windows 2003 Standard Edition+ISA2004
    There are two network cards installed in this computer- LAN and WAN.
    The main role of this server - FTP server.
    I removed anonymous access to the server.
    I published ftp server using ISA 2004.

    This morning I found a thousand entries in windows system log - all were the same: MSFTPSVC denied access to the Ftp server.
    In IIS, I found that remote user with remote static IP was connected to the server, and tried different usernames and passwords in order to get access to the ftp server. I tried to terminate session - but it restored automatically. I guess that attacker used some hacking program...

    Eventually, I addedd attacker's static IP address to the list of blocked IP addresses. The problem is fixed. But ...for future...how can I make my ftp server more secure ? Can such attacks cause server crash ? Denial of service ? I understand that ISA 2004 is reliable, but anyway.....

    I cannot limit external IP addresses for access FTP server....It is for our customers.... Ftp SERVER should be available from any IP address...

    Might be, professionals can suggest me to read more about ftp server security ? please advise !

    Thank you,
    Mihail
    regards,

    Mihail Kravsun
    MCSA, CCNA

  • #2
    Re: how to protect my FTP server from attacks ?

    Hi,
    As much as I remember, there is an option to restrict login after several times that you trying.
    check it out and let me know.

    Comment


    • #3
      Re: how to protect my FTP server from attacks ?

      Unfortnately MS's implementation of FTP is rather lacking in the features department...

      There's no way to easily automate a number of things that would greatly decrease the kind of activity you've described. I'd suggest you look into another FTP product if you're concerned about someone slamming you from a certain IP or attempting a brute force log on from common user accounts.

      If you're willing to pay check out:
      BulletProof FTP - http://www.bpftpserver.com/
      FTPserv-u - http://www.serv-u.com/

      Both of the products will auto ban IPs if they attempt multiple connections in a time span (ie 10 connections in X min) and auto lock accounts after multiple failed log on attempts.

      I'm sure there are other good FTP programs out there - others please feel free to chime in with your suggestions.
      Last edited by ahinson; 31st July 2006, 16:34.
      Andrew

      ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

      Comment


      • #4
        Re: how to protect my FTP server from attacks ?

        Dear holler1 and ahinson!

        thank you for your responses!

        with kind regards,
        Mihail
        regards,

        Mihail Kravsun
        MCSA, CCNA

        Comment


        • #5
          Re: how to protect my FTP server from attacks ?

          Microsoft FTP service is a good tool to use it for you internal LAN and if you are planing not spend money for such a product then is a good choice. In case though you are planing to publish an FTP server over the internet then you must have in mind that you need to secure it very well, and look for another solution which is a third party FTP server product which u can secure with several ways (SSL,TLS....), user rights, user access, use different ports instead of port 21.....etc.

          Regards
          --------
          Iraklis

          Comment

          Working...
          X