I recently installed server: windows 2003 Standard Edition+ISA2004
There are two network cards installed in this computer- LAN and WAN.
The main role of this server – FTP server.
I removed anonymous access to the server.
I published ftp server using ISA 2004.
This morning I found a thousand entries in windows system log – all were the same: MSFTPSVC denied access to the Ftp server.
In IIS, I found that remote user with remote static IP was connected to the server, and tried different usernames and passwords in order to get access to the ftp server. I tried to terminate session – but it restored automatically. I guess that attacker used some hacking program…
Eventually, I addedd attacker’s static IP address to the list of blocked IP addresses. The problem is fixed. But …for future…how can I make my ftp server more secure ? Can such attacks cause server crash ? Denial of service ? I understand that ISA 2004 is reliable, but anyway…..
I cannot limit external IP addresses for access FTP server….It is for our customers…. Ftp SERVER should be available from any IP address…
Might be, professionals can suggest me to read more about ftp server security ? please advise !
You must be logged in to reply to this topic.
Create a free account today to participate in forum conversations, comment on posts and more.