In IIS 8.0, Microsoft introduced a new security feature for the FTP service, called FTP Logon Attempt Restrictions, to prevent hackers from accessing the FTP server.
Hackers can use scripts and brute-force attacks that can create a Denial-of-Service (DoS) condition, preventing legitimate users from accessing an FTP server.
This feature provides an additional password lockout policy that is specific to the FTP service. FTP Logon Attempt Restrictions lets you block offending users from logging on to an IIS FTP server for a specified period of time. Once the number of logon attempts has been reached, the FTP service will disconnect the FTP session, and it will block the IP address of the client from connecting until the time period has passed. It does not blacklist any client whose IP address violates the configured dynamic IP address filtering settings; instead, FTP Logon Attempt Restrictions uses a "gray listing" approach that denies only the offending user for a certain period of time.
However, by configuring this time period to be slightly more than that specified by your domain account lockout policy, you can prevent malicious users from locking legitimate users out of accessing your FTP server.
For example, if you configured your FTP 8 server for a maximum of four failed logon attempts, you could configure your password lockout policy for a maximum of five failed logon attempts. In this way, a malicious FTP client would be blocked once it reached four failed logon attempts, and yet the valid user would still be able to access the account if he or she attempted to log on during the time period where the attacker was blocked.
Let's configure FTP Logon Attempt Restrictions:
1. Log on as an administrator in Windows Server 2012.
2. Open IIS Manager.
3. Click on your server name in the Connections pane and then double-click FTP Logon Attempt Restrictions.
4. Check the box to Enable FTP Logon Attempt Restrictions, and specify the number of failed login attempts and the time period that the FTP service uses to determine whether to block access for FTP clients.
5. Click Apply.
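The same settings can be applied and checked from PowerShell. This is an added example, not part of the original post: it assumes the WebAdministration and ActiveDirectory modules are available, writes to the `denyByFailure` configuration section that backs this IIS Manager page, and uses a constructed 30-second time period.

```powershell
# Added example (not from the original post). Run in an elevated session on the IIS server.
Import-Module WebAdministration

$psPath = 'MACHINE/WEBROOT/APPHOST'   # server level, stored in applicationHost.config
$filter = 'system.ftpServer/security/authentication/denyByFailure'

# 4 failed attempts is the value used in the post's example.
# The 30-second time period is a constructed sample value; choose your own.
$maxFailure      = 4
$entryExpiration = '00:00:30'

Set-WebConfigurationProperty -PSPath $psPath -Filter $filter -Name enabled -Value $true
Set-WebConfigurationProperty -PSPath $psPath -Filter $filter -Name maxFailure -Value $maxFailure
Set-WebConfigurationProperty -PSPath $psPath -Filter $filter -Name entryExpiration -Value $entryExpiration

# Read the effective values back instead of trusting the variables above.
$ftp = @{}
foreach ($name in 'enabled', 'maxFailure', 'entryExpiration', 'loggingOnlyMode') {
    $raw = Get-WebConfigurationProperty -PSPath $psPath -Filter $filter -Name $name
    # Depending on the attribute, the cmdlet returns a wrapper object or the bare value.
    $ftp[$name] = if ($raw.PSObject.Properties['Value']) { $raw.Value } else { $raw }
}
$ftp.GetEnumerator() | Sort-Object Name | Format-Table Name, Value -AutoSize

if (-not $ftp.enabled) {
    Write-Warning 'FTP Logon Attempt Restrictions is not enabled.'
}
if ($ftp.loggingOnlyMode) {
    Write-Warning 'Logging-only mode is on: failed logons are logged but clients are not blocked.'
}

# Compare with the domain lockout threshold, as in the post's 4-versus-5 example.
# Assumes a domain-joined server with the ActiveDirectory (RSAT) module installed.
Import-Module ActiveDirectory
$policy = Get-ADDefaultDomainPasswordPolicy
if ($policy.LockoutThreshold -eq 0) {
    Write-Output 'Domain account lockout is disabled (threshold 0); nothing to compare.'
} elseif ([int]$ftp.maxFailure -ge $policy.LockoutThreshold) {
    Write-Warning "FTP maxFailure ($($ftp.maxFailure)) is not below the domain lockout threshold ($($policy.LockoutThreshold)); an account can be locked out before the FTP service blocks the client."
} else {
    Write-Output "OK: FTP blocks after $($ftp.maxFailure) failures; domain locks out after $($policy.LockoutThreshold)."
}
```

`Get-ADDefaultDomainPasswordPolicy` reads only the default domain policy; accounts covered by a fine-grained password policy may have a different lockout threshold.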