Microsoft Windows Server features services that support several common technologies used on the Internet, including FTP. The lockdown configuration to secure a Windows FTP server before Internet deployment must include changing the default banner message so that would-be hackers cannot use the service type to look for attack vectors specific to the FTP service in use. Use the Internet Information Services (IIS) Manager utility to disable the default FTP banner in IIS 7.

  • Microsoft Windows Server features services that support several common technologies used on the Internet, including FTP.
  • Use the Internet Information Services (IIS) Manager utility to disable the default FTP banner in IIS 7.

Log into the Windows Server 2008 computer using the user name and password of an account that has Administrator permission for the computer.

Click the "Start" button on the Windows 2008 Server computer desktop, and select "Administrative Tools."

Click "Internet Information Services (IIS) Manager." The Internet Information Services (IIS) Manager window will appear.

Click once on the name of the FTP server located in the left pane.

Double-click on the "FTP Messages" icon.

Click the "Suppress Default Banner" check box.

Click the "Apply" button to save the settings.