NEWS YOU CAN USE FROM VANDYKE SOFTWARE
This month's newsletter highlights official releases of VanDyke Software(TM) secure products with new public-key management tools, a case study on cross-platform file revision and project management, and a tip on how to use a new wizard for entering license information into your VanDyke Software products.
SecureCRT(R) 4.0 and CRT(TM) 4.0 now provide basic Wyse 50/60 emulation and customization of menus and toolbars. SecureCRT also includes a VSH.EXE command-line utility that allows SSH sessions without the SecureCRT window.
1. Case Study - Secure File Revision and Project Management
An Internet Consulting Firm Creates a Cross-platform Collaborative Environment for Secure File Revision and Project Management.
Integrating Windows(R) workgroup users into a collaborative environment
with Linux and UNIX(R) users was a challenge for Multi-M/IA, an Internet
consulting firm located in the Netherlands. The company uses CVS and
SOAP hosted on external Linux servers. SOAP services were secured with
To overcome these issues, Multi-M/IA's UNIX administrator deployed VShell(TM) on the company's Windows 2000(R) workgroup server. SecureCRT and SecureFX client applications provided secure data tunneling (port forwarding) and remote file access. VanDyke Software server and client applications combined with WinCVS helped Multi-M/IA reduce training and support time while providing its Windows users with easy-to-use collaborative tools and interoperability with OpenSSH and CVS.
Read more about how Multi-M/IA created a solid, easy-to-maintain collaborative environment for its Windows workgroup at:
Password authentication, though long the easiest and most commonly used
security measure, has inherent weaknesses. Passwords need to be strong
and resistant to dictionary attacks. But long, obscure passwords are hard
to remember. And passwords are prone to social engineering--if asked,
many people will just give their password away. The bottom line is that
A recent article, "Psst... I know your password," by Robert
Lemos (ZDNet News, May 22, 2002, 4:55 AM PT), focuses on vulnerabilities
in user passwords. It offers a good overview of the reasons why
A solution is to replace passwords with public-key authentication. Public-key authentication has been difficult for large organizations to deploy, primarily because of the complexities of uploading a public key from the client PC, where the key is generated, to the server, where the key is needed for authentication.
Public Key Assistant removes these barriers to public-key implementation by allowing end users to easily upload and manage their own public keys on the server. Key generation and upload involves just a wiggle and a click of the mouse.
The VanDyke Software public-key management solution enables organizations
to benefit from the increased security of public keys while reducing administrative
hassles for network administrators
With the official release of SecureCRT 4.0, Public Key Assistant is now available in all VanDyke Software secure products.
Read more about the new official versions of SecureCRT 4.0 and SecureFX 2.1 with Public Key Assistant at:
VanDyke Software has posted extended OpenSSH source code (version 3.4p1) as a free download on our web site. These extensions support the Public Key Assistant feature in all secure VanDyke Software products, allowing end users to upload public keys to an OpenSSH server securely. If your organization has OpenSSH servers and wants to use secure public-key authentication, get the download today:
Entering your license information into SecureCRT, SecureFX,and CRT just got easier. The new official releases of these products have an improved License Wizard that can automatically parse the information from the Clipboard and fill in the fields automatically. Simply copy the license information from the registration letter we send you and start the License Wizard. Like magic, all of the fields are filled in for you! You can even copy the entire letter if you'd like. We'll be adding this feature to VShell and Entunnel(TM) in upcoming releases.
All VanDyke products are currently in official release. A complete list of VanDyke Software official releases can be found on our web site:
Listed below are direct download links to the latest official versions of VanDyke Software products:
SecureCRT 4.0 - NEW - Public Key Assistant
All VanDyke Software products may be downloaded and evaluated at no cost for 30 days. Licenses include one year of free upgrades and unlimited access to our expert technical support.
This month's pick was suggested by Marc Orchant at VanDyke Software.
"Authentication: From Passwords to Public Keys," by Richard
Book News, Inc. wrote: "Smith, a computer security professional with 10 years of experience, explains what an organization needs to do to reliably identify its users and tells how various techniques for verifying identity are executed. He describes the range of authentication methods in use, and examines situations in which certain techniques fail and points out ways to strengthen them. He focuses on existing, off-the-shelf solutions to security problems. Information is of interest to network professionals, designers, developers, and administrators." (®Book News, Inc., Portland, OR)
If you'd like to recommend a great book you've recently read, please submit your recommendation by e-mail to firstname.lastname@example.org. If we select your recommendation, we'll send you a gorgeous VanDyke Software T-shirt, so be sure to specify L or XL).
"Giving away the keys
...In a recent study by security firm PetaSafe Security Technologies, the company found that four out of five workers would disclose their passwords to someone in the company, if asked.
That's the good news. Another study by the same company found that nearly two-thirds of the workers polled at Victoria Station in London gave the pollster their passwords when asked. Their reward? A cheap pen."
--Robert Lemos, "Psst... I know your password." Special to
ZDNet News. May 22, 2002.
Vandyke Company News is an opt-in mailing list. If you prefer not to receive e-mail like this from us, you can unsubscribe or change your e-mail address at:
You may also send an e-mail message to:
with the following message in the body of your e-mail:
VanDyke Software, AbsoluteFTP, CRT, SecureCRT, SecureFX, Entunnel and
VShell are trademarks or registered trademarks of VanDyke Software, Inc.
All other products and services mentioned are