Securing FTP over SSL [Windows Server 2019]

Published: 20 January 2021
on channel: OsbornePro TV

4,727

Securing FTP over SSL [Windows Server 2019]
I (tobor), cover how to secure the configuration and directory permissions for a Windows Server 2019 FTP over SSL server using IIS. If you like what you see please Subscribe!

0:00 Intro Summary
0:53 Active Directory Users and Groups
1:37 Covering how the contents of the UserList.csv file is used with 1-ConfigureWindowsFTPS-CreateFTP-UsersAndGroup.ps1
2:30 FTP Directory locations (Network Share or Local Folder)
3:00 Adding users in CSV file to Admin or Users group in AD
3:38 Install Script for FTPS Server 2-ConfigureWindowsFTPS-ConfigureFTPoverSSLserver.ps1
4:10 Started Script Execution
4:50 Begin entering prompted values for AD Users and the permissions you want assigned
5:43 Name the IIS Manager FTP Site
5:53 Define the home directory for the FTP site
6:11 Explicit SSL or Implicit SSL connections
6:25 Difference between Explicit and Implicit connections
7:41 Firewall rule created for defined port
7:58 FTP Root directory folder was created and IIS Site created
8:22 Create Local FTP User group
8:35 Create a Local FTP user
9:12 Authorization Rules added to FTP Site
9:35 Basic Authentication enabled
9:53 Set permissions on the created folder for the FTP service
10:20 View permissionson FTP sites root directory
10:35 AD Attribute values getting pulled by FTP Service
11:39 Assigning an SSL certificate to the FTP Service
12:00 How the script auto discovers an SSL certificate using FriendlyName value
12:50 Define Passive Ports
13:14 How to Re-Define Passive ports in IIS Manager if desired
13:53 IP address required for clients on the other side of a router or firewall
14:16 How an IP Address is automatically determined with DHCP
14:40 Virtual Host name for the FTP site in IIS Manager Bindings
15:10 The hosts file on windows to add vhost names too
15:51 Firewall rule created for Passive FTP Ports defined earlier
16:06 128 bit encryption enabled
16:14 FTP Site restarted and port is confirmed open
16:30 FTP SSL Settings
16:57 Custom FTP Messages and Max Connections
17:27 Restict FTP Access based on IP address of clients
17:55 User Isolation values obtained from AD
18:08 Network Share Directory Permissions
18:33 Using FileZilla to access the FTPES or FTPS Instance
19:06 Sign into FTPES Server using an FTP-Admins member
19:28 Upload files with FTP-Admins user
19:41 Download file with FTP-Admins user
19:57 Make AD values for the FTP-Admins user so FTP Home directory is inaccessible
20:42 Sign into FTPES server with FTP-Users member (entered incorrect password on first attempt)
21:19 View AD Attributes of the FTP-Users member
21:34 View permissions on the network share permission for the FTP-Users member
22:09 Download files using FTP-Users member
22:18 Upload files denied because of FTP-Users group permissions
22:36 Add FTP-Users member to the local FTPUsers group to add Read,Write permissions
23:04 Add Write permissions to the local FTPUsers group
23:34 Connect to FTPES server with new permissions (Restart of FTP service required)
24:12 FTPUsers group successfully uploaded files
24:41 More restrictive permissions dont get applied
25:13 FTPES sign in using FTPUsers member accessing a local directory instead of a network share
26:07 AD Attributes assigned to ftpsuser accessing local FTP directory
26:48 Sign in to FTPES using an FTP-Users member with Read permissions only (Remove AD FTP-Users group from FTPUsers group)
27:58 Verify local group membership and verify upload was denied
28:43 Outro

View my Verified Certifications!
https://www.credly.com/users/robertho...

Follow us on GitHub!
https://github.com/tobor88
https://github.com/OsbornePro

Official Site
https://osbornepro.com/

Give Respect on HackTheBox!
https://www.hackthebox.eu/profile/52286

Like us on Facebook!
/ osborneprollc

View PS Gallery Modules!
https://www.powershellgallery.com/pro...

The B.T.P.S. Security Package
https://btpssecpack.osbornepro.com/

Watch video Securing FTP over SSL [Windows Server 2019] online, duration hours minute second in high quality that is uploaded to the channel OsbornePro TV 20 January 2021. Share the link to the video on social media so that your subscribers and friends will also watch this video. This video clip has been viewed 4,727 times and liked it 27 visitors.

1,265