Summary

Using the ADSI techniques presented in this chapter, you can easily perform basic FTP site configuration tasks , including manipulation of the site's identification, number of connections, and logging format.

To reduce the risks associated with network protocol analysis-type attacks, Microsoft recommends the use of only anonymous connections to your site. Although this may protect against attacks from hackers sniffing the network, it opens up the potential for an attacker to obtain the credentials used for the anonymous user account using ADSI. Before selecting your FTP site security configuration, you should carefully analyze the area that presents the greatest threat to the integrity of the data hosted on the site.

Unique to the FTP site is the ability to define custom client messages upon instantiation, termination, and denial of a connection. In addition to the ability to host files locally or on a remote file share, you can also configure the directory listing style presented to the client using the MSDOSDirOutput property. In similar fashion to other IIS services, you can selectively grant and deny access to the site based on IP address or DNS domain.

Using the programmatic techniques presented in this chapter and a little bit of imagination , you can create easy-to-use administrative applications that allow the user to create her own FTP site from a Web page. Shifting the administrative burden from administrators to users can allow a more proactive approach to administration and free you to perform more interesting and complex duties for the organization.