Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

ftp server

Feb 24, 2004 3:57AM PST

I have an ftp server set up with windows 2000 server. Could someone tell me how I can see who has tried to authenticate and failed and who was successful and what time and so forth? Thanks

Discussion is locked

- Collapse -
Re:ftp server = security issue.
Feb 24, 2004 4:01AM PST

Remember that ftp passes name and passwords in the clear. If I was on the same network as the server, it would be trivial to run a packet sniffer and pick off the names and passwords. FTP is insecure so you can be assured that someday, you will have an issue.

Please consider a move to a secure server like you find at http://www.openssh.org

Bob

- Collapse -
Re:Re:ftp server = security issue.
Feb 24, 2004 11:40AM PST

I know of the vulnerabilities of the server, I just want to know about a log and how to set it up so i can monitor the use of my ftp server. As far as the security issues, the only permission to the files on my server is read. So if someone was to get the password, would they be able to do any real damage?

- Collapse -
Re:Re:Re:ftp server = security issue.
Feb 24, 2004 12:09PM PST

"I know of the vulnerabilities of the server, I just want to know about a log and how to set it up so i can monitor the use of my ftp server. As far as the security issues, the only permission to the files on my server is read. So if someone was to get the password, would they be able to do any real damage?"

I'll write yes. What is unknown is the make/version of the ftp server. Some have published and known exploits that can ignore the read-only that you think you have inplace. My approach has been to only use uptodate servers and secure ones so to mitigate the risk.

For strictly downloads, a simpler HTTP site with .htaccess can supply files plus most web servers have a log file.

Without knowing make/version of the ftp server, I can't guess if it has a log file.

Bob

- Collapse -
Re:Re:Re:Re:ftp server = security issue.
Feb 24, 2004 12:16PM PST

the server is iis 2k server. Where can i find some info about .htaccess

- Collapse -
ftp server = can be exploited.
Feb 24, 2004 8:52PM PST

"the server is iis 2k server."

Just one of dozens -> http://www.securiteam.com/exploits/5YP011575W.html

I point out this one since once an attacker gets CMD access, they can go wild. Be sure you have IIS updated to it's latest release. If you just installed off the CD, then its full of holes.

I must write that securing IIS is not what I'll tell you since it goes for many pages. Many part-time IIS installers wear blinders on the issue and "hope" nothing happens. Let me give you some light reading on securing IIS -> http://www.securityfocus.com/infocus/1312

Q. "Where can i find some info about .htaccess"

http://www.google.com/search?&q=HTACCESS

- Collapse -
If you want a log, then you enable it.
Feb 24, 2004 9:31PM PST