NEWS YOU CAN USE FROM VANDYKE SOFTWARE
We had a great response to the April Reader Survey. Thank you to everyone who participated. In this issue, learn more about your fellow readers and their security interests. We also provide a tip about a useful SecureFX script and a link to an amusing description of an SSH1 exploit in "The Matrix Reloaded".
New maintenance releases are now available for VShell Server for Windows 2.1.4, SecureCRT 4.0.6, SecureFX 2.1.5, Entunnel 1.0.5, CRT 4.0.6, and AbsoluteFTP 2.0.5.
1. Feature - Reader Survey Results Are In!
Mac OS X platform support will soon be available in VShell Server for UNIX 2.2. VShell for UNIX provides IT professionals with the ability to configure a Secure Shell solution from VanDyke Software for their mixed platform networks and replace nonsecure Telnet and FTP access to UNIX servers with SSH2. This beta release will be available to a limited number of testers.
To find out more about the beta program for Mac OS X, contact kelli
Learn more about VShell for UNIX at:
******************** BETA NOW AVAILABLE ********************
Thanks to all of you who participated in the April Reader Survey. We hoped to get a 5% response rate and 12% of you completed the survey. We appreciate the time you took to share your thoughts with us.
Here's an overview of what your fellow readers look like:
- Over 17% of you are system administrators. Eleven percent are directors (director of IT, product director, or managing director). Nine percent are consultants, 8% programmers or analysts, 8% network or systems engineers, 7% software engineers, and 6% senior network engineers/technologists.
- You are almost evenly split between preferring an HTML (44%) and a text (56%) format for the newsletter. Some of you suggested that we continue the text format, but offer a link to an HTML version on our web site. This is now available at:
- An overwhelming majority of you (83%) prefer to search using Google. Other search engines you mentioned included Yahoo, Altavista, Excite, Hotbot, Lycos, Copernicus, and Opera.
- You were evenly divided between wanting a longer newsletter and preferring to keep it concise with links to articles on our web site.
- We asked you to rank the value of the newsletter's current sections: feature article, tips, new releases, current releases, quote of the month, and recommended reading. The most valuable section is new releases, followed by tips and current releases. You're most interested in reading about security issues, secure shell "ins and outs", software tips, and security basics.
- You'd like to see more useful tips and ideas. You also suggested that we give you more information about security and Secure Shell functionality, as well as more technical news and security problems and fixes.
While we were glad to hear that many of you like the newsletter the way
it is, we'll be working to implement many of your suggested improvements
over the next few months. Thanks again
Would you like to have your log information include the date as part of the log file name? If you are using the SecureFX or AbsoluteFTP command-line client (sfxcl.exe or aftpcl.exe, respectively), you can create a DOS batch file to make the log information go to a file with the date as part of the name.
Here's a sample DOS batch file:
This will create a log file with the current date as the log name, such as "05212003.log".
Have you ever reported a bug to VanDyke technical support? If so, we'd like to hear your opinions about how we distribute our hot fixes and what you'd like to see in the future.
If you've reported a bug to us, and would like to participate in this short survey, go to:
Have you seen "The Matrix Reloaded" yet? If you haven't, or the next time you see it, check out the scene in which Trinity hacks into the power grid using Nmap to pull off an SSH1 exploit.
Fyodor, creator of Nmap and owner of a web site and mailing list at email@example.com, has written up an amusing account of Trinity's exploit.
Take a minute to read Fyodor's complete posting at:
Even companies that have turned off nonsecure protocols such as Telnet may overlook switching from FTP to a secure file transfer solution. In the April 29 issue of his Weakest Security Link series at SearchNetworking.com, Luis Medina focuses on securing file transfers using SSH2.
In this article, find out how to set up a secure file transfer solution with SecureFX and an SSH2 server. Read more at:
Medina is also author of "The Weakest Security Link Series" (Writers Club Press, 2003, ISBN 0595264948), a book of security tips for network users, administrators, and engineers.
In "The Weakest Security Link," Medina advocates and provides
tips for proactively implementing a comprehensive security approach that
establishes defenses in all seven layers of the
This book will save you time and effort by helping you to identify the weakest - and often overlooked - links in your network security.
VShell Server for Windows 2.2 and VShell Server for UNIX 2.2 are now in limited beta release. VShell Server 2.2 increases your choices for enterprise-wide authentication methods by introducing support for Kerberos v5 authentication via GSSAPI. VShell Server 2.2 provides you with more options to fine tune your server and environment and limit access to sensitive areas.
To find out more about VShell Server for Windows 2.2 and how to participate in the beta 2 test program, visit:
New maintenance releases are available for VShell Server for Windows 2.1.4, SecureCRT 4.0.6, SecureFX 2.1.5, Entunnel 1.0.5, CRT 4.0.6, and AbsoluteFTP 2.0.5.
You can download these releases at:
For quick access to previous official releases, go to:
Here are our latest official product releases:
To download any of our current releases, go to:
To download OpenSSH 3.5p1, an extended version of OpenSSH that supports the public-key subsystem, visit:
VanDyke Company News is an opt-in mailing list. If you prefer not to receive e-mail like this from us, or need to change your e-mail address, go to:
with the following message in the body of your e-mail:
VanDyke Software, AbsoluteFTP, CRT, Entunnel, SecureCRT, SecureFX, and VShell are trademarks or registered trademarks of VanDyke Software, Inc.
All other products and services mentioned are trademarks or registered trademarks of their respective companies.