The step-by-step instructions would be quite lengthy, so I'll provide only high-level instructions:
- Install IIS 6.0, including the FTP component. Ensure FTP is set to start automatically.
- Create a user account with a password by using the Computer Management console. Place the computer in the Guests group, and remove it from the Users group.
- Use Explorer to grant the new account change permissions to your FTP Root folder
- Use the Internet Services Manager to configure FTP to allow authenticated users and not allow anonymous users.
Remember that FTP passwords can be sniffed because they're not transferred using encryption. They're a whole mess of other security considerations, so please do read up on IIS security issues: http://www.microsoft.com/technet/security/prodtech/iis/
This was first published in January 2004