Close Window
 

NEWS YOU CAN USE FROM VANDYKE SOFTWARE®

A Monthly Newsletter – December 2005

This month we have some serious security feature information for you, leavened by lighter fare to get you ready for the upcoming holidays. If you haven't read up on dynamic port forwarding with SecureCRT®, now is your big chance. Then, if you've been captured by one of those reflective year-end moods, there's probably something in the piece on Windows admin tips that you will want to try—right after New Year's, of course. And to top off the 2005 product releases, VShell® server version 2.5 went to official release. See you next year.

-------------
Contents
-------------

1. IETF News: Secure Shell RFCs Approach Completion
2. Dynamic Port Forwarding: An Overview
3. TechTarget's "Top 10 Windows Admin Tips"
4. Did You Know? Protocol-Specific Command-Line Options
5. Link: Port Forwarding Security For Wireless Hotspots
6. Technical Books: "The Unofficial LEGO Builder's Guide"
7. New and Current Releases

-------------------------
Online Resources
-------------------------

--------------------------------------------------------------------------
1. IETF News: Secure Shell RFCs Approach Completion
--------------------------------------------------------------------------

Get your party hats ready: the Secure Shell protocol (or SSH2) is on the threshold of being adopted as an internet draft standard by the Internet Engineering Task Force (IETF). The official RFC documents have entered the "author's 48 hours" stage just prior to publication (that is, formal adoption). Notwithstanding that the first commercial products were developed going on ten years ago, and the VanDyke Software SecureCRT client appeared in 1998, this is a significant step in the life of secsh.

The best local guess is that we may be able to stop calling the Secure Shell protocol a "draft" and start calling it a "standard" somewhere from two to five weeks out.

All IETF Secure Shell drafts are available on the IETF web site, and copies are available on the VanDyke Software site.

--------------------------------------------------------
2. Dynamic Port Forwarding: An Overview
--------------------------------------------------------

Port forwarding is a major feature of the Secure Shell protocol, used to securely tunnel data such as IMAP e-mail or a TCP/IP database query. It has been offered in SecureCRT ever since version 2.2 in 1998. Dynamic port forwarding, which allows forwarding of data like FTP that doesn't use a single port or server, has been part of SecureCRT since version 5.0, though it is generally not as well known. We will try to shed some light on its uses and configuration issues.

This article assumes basic familiarity with port forwarding and SOCKS. If your idea of SOCKS is the foot coverings you put into the dryer in pairs but only get one back, you might want to skip to the next article. But if you are a sysadmin or advanced user trying to find new ways to apply port forwarding, please read on!

Dynamic port forwarding is a local port forwarding option for SSH2 sessions that simplifies how TCP/IP application data is routed through the Secure Shell connection. Instead of configuring port forwarding on a per-application basis in SecureCRT, each application is configured to use a SOCKS server on a local host port. SecureCRT opens a port on the local host and acts as a SOCKS server for any SOCKS-compatible application, even those that use multiple ports, such as FTP.

If the remote port is not static, for example with FTP, dynamic port forwarding needs to be used. It also is needed when multiple hosts are used, for example with the MSN service, which requires connections first to an authentication server and then others.

Dynamic, application-level port forwarding capabilities are available with SecureCRT 5.0 and higher. The dynamic port forwarding option allows SecureCRT to act as a SOCKS5 proxy server on a specified port. This allows any client application that can connect using a SOCKS5 firewall to use the dynamic port forward. SecureCRT listens as a proxy server on a user-specified port. You direct your applications to send all traffic to this proxy, which sends the traffic on through the SSH2 connection to the Secure Shell server. The Secure Shell server sends the traffic to the final destination.

Visit the VanDyke Software web site to read the complete overview of dynamic port forwarding. There you will find instructions on configuration and a discussion of using dynamic port forwarding to streamline port forwarding configuration and maintenance.

----------------------------------------------------------------
3. TechTarget's "Top 10 Windows Admin Tips"
----------------------------------------------------------------

Here's some light reading for that Sunday afternoon at the office while you format the new hard drive for the mail server. The TechTarget web site SearchSMB.com posted its top tips for Windows administrators in November. Some of the topics include using Active Directory, ways to automate desktop tasks, how to configure OMA and ActiveSynch for Exchange 2003, and how to prevent tape restoration failures.

Read the complete SearchSMB.com article.

--------------------------------------------------------------------------------
4. Did You Know? Protocol-Specific Command-line Options
--------------------------------------------------------------------------------

Forum user jnielsen asked recently where she could find command line options for SSH1. That's easy—whether it's /L, /I, /C or /P, all such options are in the SecureCRT Help file, in the topic "Table of Protocol-Specific Command-Line Options'. And the same goes for SSH2 and serial connection options as well.

----------------------------------------------------------------------------
5. Link: Port Forwarding Security For Wireless Hotspots
----------------------------------------------------------------------------

Ever wished you had a little more privacy when you were sitting in your favorite beverage joint, with Joe there behind the couch reading the newspaper over your shoulder? Since some of you will be spending time over the holidays enjoying said joint's wireless internet connection, podcaster kevindevin has some timely advice on using Secure Shell to encrypt your web browsing, e-mail and even your instant messaging.

To read "SSH Tunneling In Hotspots For Privacy," follow this link.

Of course, tunneling from Starbuck's requires access to an Secure Shell server that you can reach from the wireless network—though kevindevin has a suggestion for that, too. And your e-mail or IM client will have to be SOCKS-compatible. The examples use UNIX or freeware clients, but everything can be done with SecureCRT—and more easily!

By the way, the security solution for instant messaging makes good use of dynamic port forwarding. Why not put all that new knowledge to good use right away—happy worry-free surfing!

------------------------------------------------------------------------------
6. Technical Books: "The Unofficial LEGO Builder's Guide"
------------------------------------------------------------------------------

Whether your household LEGO sets are a few chewed-up Duplos or a hundred thousand black bricks waiting to become the world's largest Death Star model, take a look at this seriously fun book from O'Reilly Books. "The Unofficial LEGO Builder's Guide", by Allan Bedford, covers the essentials of LEGO construction, topics like the best patterns to use, how to build spheres, and how to organize and store your pieces. The focus is on how to encourage your child, or maybe your inner child, to create original designs.

For more information visit the O'Reilly catalog.

----------------------------------------
7. New and Current Releases
----------------------------------------

The VShell server version 2.5 official release was made on November 17, adding X.509 digital certificate support for UNIX platforms and enhanced file triggers for improved automation of file transfer operations, as well as IPV6 support.

Here is a list of the latest official product releases:

  SecureCRT 5.0.4
  SecureFX 3.0.4
  Entunnel™ 1.1.2
  CRT 5.0.4
  AbsoluteFTP2.2.10
  VShell 2.5 Server for Windows
  VShell 2.5 Server for UNIX
    Red Hat Linux 7.x
    Red Hat Linux 8.x
    Red Hat Linux 9.x
    Red Hat Enterprise v2.1/v3
    Solaris 8 (SPARC)
    FreeBSD 4.8/5.3/5.4
    HP-UX 11
    Mac OS X 10.2
    AIX 4.3/5.2/5.3

All VanDyke Software products may be downloaded and evaluated free for 30 days. Licenses include one year of free upgrades and technical support.


Pass it along! If you find this monthly newsletter helpful and informative, forward it to co-workers or friends, or tell them where to sign up.

     http://www.vandyke.com/support/newsletter.html

RSS Feeds Now Available
-----------------------------------

Links to VanDyke Software pages with RSS feeds:

Subscription Information
----------------------------------

You received this e-mail because you subscribed to VanDyke Software News when you visited our web site or downloaded a VanDyke Software product. Click here to unsubscribe or change your e-mail address.

Don't miss out on important product news. If your ISP or e-mail client filters incoming e-mail, please add the domain @vandyke.com to your list of approved senders to make sure you receive the newsletters and product announcements to which you've subscribed.


Mailing Address
----------------------

  VanDyke Software, Inc.
  4848 Tramway Ridge Drive, NE
  Suite 101
  Albuquerque, NM 87111 USA

Got questions, comments, or ideas? E-mail or use the web forms by clicking on "Got a question or comment?" on any page on our web site, as you'll see on our What's New page.

---

VanDyke Software, AbsoluteFTP, CRT, Entunnel, SecureCRT, SecureFX, and VShell are trademarks or registered trademarks of VanDyke Software, Inc.

All other products and services mentioned are trademarks or registered trademarks of their respective companies.

Close Window