FTP 7.5 blind drop article

Years ago I wrote an article on setting up a blind drop FTP server   I was searching for some information and ran across an updated article using FTP 7.5.  Funny thing I recently setup a blind drop using FTP 7.5 and referred to my article on permissions. 


http://blogs.msdn.com/vivekkum/archive/2009/05/10/blind-drop-ftp-in-iis-7-7-5.aspx


btw – here is a Blind Get, I’ve not tried on FTP 7.5, the permissions should be similar. 


http://www.iislogs.com/articles/blindget/


Hope this helps


Steve Schofield


Microsoft MVP – IIS

Walkthrough on how to use FTP authentication to provide dynamic IP restrictions FTP 7.5

Few months back, Microsoft released a new module that blocked HTTP requests from brute force attack, http://www.iis.net/extensions/DynamicIPRestrictions   This is great for HTTP requests, but didn’t address another pressing need, FTP brute force attacks.  Robert McMurray published a walkthrough for the FTP service that shows how to create an authentication provider, that gives you dynamic IP restrictions for the FTP service.


Here is the how-to:
http://learn.iis.net/page.aspx/673/how-to-use-managed-code-c-to-create-an-ftp-authentication-provider-with-dynamic-ip-restrictions/


Thanks Robert for the great article.


Steve Schofield


Microsoft MVP – IIS

Use Powershell, WMI to retrieve DNS search order, Use Active Directory for list of computers.

# ********************* Global variables *********************
$sb =  new-object System.Text.StringBuilder
$sbErrors =  new-object System.Text.StringBuilder


# ********************* Defining functions *********************
function GetListOfComputer
{
$strCategory = “computer”
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher


$objSearcher.SearchRoot = $objDomain
$objSearcher.Filter = (“(objectCategory=$strCategory)”)


$colProplist = “name”
foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i)}


$colResults = $objSearcher.FindAll()


foreach ($objResult in $colResults)
 {
  $objComputer = $objResult.Properties; $objComputer.name
  [string]$CN = $objComputer.name
  $ipaddress = Ping-Address $objComputer.name
  FOREACH-OBJECT {LogInfo $CN $ipaddress}
 }
}


function Ping-Address ([string]$strComputerName)
{
 $ipaddress = [System.Net.Dns]::GetHostbyName(“$strComputerName”) | select AddressList
 $strGetIPAddress = $ipaddress.AddressList[0].IpAddressToString
 Return $strGetIPAddress
}


function LogInfo ([string]$strServerName, [string]$strIPAddress)
{
  Write-Host $strServerName + “,” + $strIPAddress
  $pingresult = Get-WmiObject win32_pingstatus -Filter “address=’$strIPAddress’”
  $error.Clear()
  $ErrorActionPreference = “SilentlyContinue”
 
  if($pingresult.statuscode -eq 0)
   {
    trap [Exception] {continue}
    $colItems = get-wmiobject -query “Select * From Win32_NetworkAdapterConfiguration Where IPEnabled = 1” -namespace “rootcimv2” -computername $strIPAddress
    foreach ($objItem in $colItems)
    {
         $strCaption =  $objItem.Caption
         write-host $strCaption


         $strDescription =  $objItem.Description
         write-host $strDescription


         $strDNSServerSearchOrder = $objItem.DNSServerSearchOrder
         write-host $strDNSServerSearchOrder


         $result = $strServerName + “,” + $strIPAddress + “,” + $strDNSServerSearchOrder + “,” + $strCaption + “,” + $strDescription + “`r”
         $sb.Append($result)
    }
   }
  else
   {
    Write-Host “Cannot connect:” + $strServerName + “,” + $strIPAddress
    $sbErrors.AppendLine($strServerName + “,” + $strIPAddress + “`r”)
    }
}



# ********************* Get list of Computers and call function to get data *********************
GetListOfComputer


# ********************* Write out data *********************
write-output $sb.ToString() >E:TempComputerList.txt
write-output $sbErrors.ToString() >E:TempComputerListNotFound.txt