
Windows NT FTP Service
The FTP service that ships with Windows NT versions 3.51 and earlier does not
properly change the root of the file system, and is very difficult to secure
properly. The latest versions which ship with NT 4.0 and IIS do not display this
problem. If you require an FTP server on Windows NT for earlier versions, you
can secure it by creating a partition for the sole use of the FTP server, or
you can utilize the file system security settings. If you choose to use file
system security to configure the FTP server, create a user account for the FTP
service and set the FTP tree to the proper access, while denying any access to
the FTP server for the remainder of the drive. Allowing only anonymous logins is
also advised. Running an FTP service on a FAT file system is not advisable due
to the lack of security.