Hey. Can anyone point me to a link where I can get information on setting up a secure (SSL) FTP Site at my office? I chould search google for an hour or so but I figure someone on here must know the perect site for me. Thanks

 

What kinda server? Linux/Unix/Windoze...

 

I dunno. Windows I guess. It's probably more along my skillset.

 

Well, if you want to do it on the cheap there are 100's of free/cheap secure FTP programs .. heck, just look at http://www.tucows.com/ftpserver95.html

I'd start downloading and find one that tickles your fancy!

 

Thanks, I'll check it out. We might land a big client and they're requiring a secure data transfer method,

 

Hey -

Using shareware programs like this, how concerned should I be about running the FTP app on our main file server? Should I run a separate box for this? Thanks.

 

I'd be more concerned about the security than anything else. If you don't already, you should have a dedicated DMZ zone where internet-exposed hosts sit. Opening ports to your internal network is a no-no..

 

Alright, makes sense. Right now we don't have any exposed hosts. I'd prefer to keep it that way but it's not that simple. I guess I'll have to see what info I can find on setting up the network appropriately.

 

What kind of firewall are you running right now?

 

Right now we have a DSL Router (Meets our needs) connected to a Netscreen Firewall that plugs into one of three 20-port Cisco routers. Our current file server occupies one of those ports as do the rest of our internal machines.

 

Hopefully your Netscreen has a dedicated DMZ port you can use, then just get a cheap-o PC to run the FTP software and harden the box. Shoot me some e-mail if you want/need help or wish to look into other firewall products. I know a thing or two about this stuff...

 

If you are using windows it already has FTP

Just install IIS and then google for iis lockdown

YOu can turn off all the services you dont need like Web etc and if you are running windows server you can limit the incoming connections to a single IP - that would be the best way -

All that along with the firewall settings previously discussed would be my suggestion

Its not hard - I would rather trust IIS than shareware for a corporate FTP site

Doug

 

Actually,

The words FTP and secure used in the same sentence are for all practical purposes an oxymoron.

But,

If you STILL want to do it, and you're using a win2k or better server, just make sure you have IIS installed (or in the case of 2003, set up in the application server role with IIS installed). All you really have to do from there is map your FTP site to an IP address. The documentation for server 2003 isn't too shabby for setting up websites and FTP sites.

If at all possible, try to send the files via HTTPS instead of FTP over ssl. There's a few security issues I've personally never liked with FTP.

I know none of this will help much, but here's a link that'll help you get your feet on the ground with.

http://www.microsoft.com/resources/d...sitesetup.mspx

Win2K isn't much different (easier to setup actually because it's quite insecure by default whereas 2003 is dialed way back)

-Fatz

p.s. I know. I'm a Geek. It's an afflication I've turned into a career.