The 'connection timeout' box shows the amount of time a connected user
will be allowed to remain idle before being disconnected. By clicking the 'current
sessions' button at the bottom, you can view who is currently connected to your
FTP site, and if you wish, disconnect them.
The next tab 'security
accounts,' controls whether anonymous users (that means everyone) are allowed to
access your FTP site or not. As mentioned above, by default anyone can access
your FTP site without a username or password.
IIS uses a built-in user account
with a defined set of restrictions to authenticate anyone who connects. This
user account, the 'IUSR_(computername) account, is created when IIS is
installed, and is also used to allow access to websites you may publish. It is
restricted from accessing non-IIS parts of your Windows system.
To be honest, there is not really a
correct choice for this setting. If you allow anonymous access, anyone can
connect to your FTP site and view any files that you place there.
anonymous access has its own set of risks, however, which we will cover in the
'FTP security' section below. For now, leave anonymous access
enabled. The next section, 'messages,'
simply allows you to set various text messages which users connecting to your
site will see. Fairly self-explanatory.