tag:blogger.com,1999:blog-35119159.post4077316502071863285..comments2023-08-20T05:19:44.859-04:00Comments on Ask The Admin: My network works great from 9 to 5 but after that we have bandwidth issues and space disappears! Help!!Karl L. Gechlikhttp://www.blogger.com/profile/08319210063068776291noreply@blogger.comBlogger3125tag:blogger.com,1999:blog-35119159.post-72690143311680916142007-09-05T10:46:00.000-04:002007-09-05T10:46:00.000-04:00For FTP I like FileZilla Server because it lets yo...For FTP I like <A HREF="http://www.bauer-power.net/2007/04/ftp-attack-thwarted-by-awesome-freeware.html" REL="nofollow">FileZilla Server</A> because it lets you host FTP over SSL which gives you a secure FTP connection. Regular FTP sends usernames and passwords in plain text over the wire and can easily be 'sniffed' using tools like Wireshark. It also gives you the option to create separate FTP user accounts that are different from your network accounts, as well as use non-standard usernames instead of defaults like root, admin or administrator. You can also require connection over SSL, and then your FTP server will drop all attempts on ports 20 and 21.El DiPablohttps://www.blogger.com/profile/14512110816007529233noreply@blogger.comtag:blogger.com,1999:blog-35119159.post-22763351054070396912007-09-05T07:05:00.000-04:002007-09-05T07:05:00.000-04:00Thank you for the info guys. I thought I was going...Thank you for the info guys. I thought I was going crazy. and PD those are great suggestions. Set it up like my mail server which we also keep set up like that. keep up the amazing work fellas. I have been reading for a few months now and refresh all day long.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-35119159.post-81283648131912969342007-09-04T21:33:00.000-04:002007-09-04T21:33:00.000-04:00If you need an externally accessible FTP server, b...If you need an externally accessible FTP server, build a simple box that does ONLY FTP and place it outside your firewall. Don't make it part of your internal network, don't log on with any internal accounts, make it completely isolated from your internal network.<BR/><BR/>That way if it gets hacked nothing critical is lost. You can still use an FTP client to get things to and from the machine easily.<BR/><BR/>Also, have separate folders for uploads and downloads. Create an upload folder that users can only upload to, no downloads; create a similar download folder. <BR/><BR/>That way automated systems can't upload to and download from the same folder. That configuration alone will keep most junk off your server.PDhttps://www.blogger.com/profile/08082178745978234877noreply@blogger.com