The File Transport Protocol, or FTP, TCP is a protocol of an old design, created to transfer files across the network. Because all transactions with the server is unencrypted, including user authentication, it is considered an insecure protocol and should be carefully configured. FTP includes internet protocol that allows you to transfer files of any type between different sites. Access to an FTP site can be of two types: valid, i.e. in a way that prompts the user to enter name and password, or that is anonymous in a way that does not require any authentication, and that usually is used to have access to areas that the operator of the server has defined as public.
This mode is most used for the retrieval of files shareware or public domain. FTP is short, the protocol which is classically the exchange of programs and documents via the Internet (a bit as it happens with e-mail), however, unlike e-mail that allows the exchange of files between a limited number of users (typically two, the sender and receiver) FTP is a service that a single entity or a provider, make available to the entire Internet community. In an anonymous FTP site, typically you will find software updates and documentation. Although access to an anonymous FTP site is not required to enter name and password, you must still respect a fundamental rule of netiquette and enter anonymous (spelled exactly like that) as the username, then your email address as the password. The figure is a typical example of the mask as an anonymous user connection to an FTP site. The password field contains the email address, however many programs the mask as you type directly for security reasons.
Here is some easy wasy to Secure your FTP Server :
Stopping Access to Anonymous clients : In Windows Server Anonymous login is setup by default. The FTP services comes with those settings. In this method the users can gain access to the server without the need of a user account. You can stop the same by clearing out the option of Allow Anonymous form the connection box. You can find the same in the Security Accounts column. Try to locate the same in the FTP Properties.
Logging Practice
You can setup a logging on your FTP so that you can track the record of logins on your server via ip address sand user account. This practice is much more better and helps you to identify the pattern of threats. The settings can be enabled from same properties tab of FTP Site.
Restricting the Disk Usage
You can use Disk Quota to control the usage of disk space. This can be effectively configured by reducing the amount of disk space that a user has on your system. I will recommend you to limit the amount of the same. You can enable the same from the disk partition properties.
IP Access
You make your server much secure if you can use IP Address filter. That means you can limit your server usage by IP Address. You can reduce exposure to your server and on the same hand unauthorized access is also stopped.
Bookmarks