Close Window
 

NEWS YOU CAN USE FROM VANDYKE SOFTWARE®

A Monthly Newsletter – February 2005

Whether you're digging out from under two feet of snow or just a blizzard of e-mail, we thought we could lighten your load this month with automation how-to's and tips. We focus on how to use VShell™ triggers to set up event-based responses, such as launching a script after file upload or download or sending an e-mail to alert you to failed authentication attempts. Also, a sample script may give you some ideas for more effective pass-through printing. Next are a HIPAA security information guide from SANS, and a "did you know...?" from the online forums on SecureCRT® session cloning. To wrap up, there's a bit of cryptography trivia from the art world to keep your yang and yin balanced.

-------------
Contents
-------------

1. Feature: Triggers Deliver Automation, Monitor Security
2. Tip: More Effective Pass-Through Printing with Perl
3. Health Industry News: SANS HIPAA Guide 2.0
4. Heard On The Forum: Cloning SecureCRT Sessions
5. Curious News: Encrypted Sculpture And The CIA
6. Scanning The Web – A Portrait of the Sys Admin...
7. New Releases
8. Current Releases

-------------------------------------------------------------------------------
1. Feature: Triggers Deliver Automation, Monitor Security
-------------------------------------------------------------------------------

Chances are you or the system administrators at your company are under increased pressure to provide a high level of data access and application services, while defending against attack and system compromise – probably with equal or fewer resources than last year. Here we address both of these critical areas using some recent information about automating VShell using triggers.

VShell triggers provide the ability to invoke an application or call a script or batch file to respond to specific events, reducing manual effort and enabling custom access solutions. The three available trigger events are SFTP file upload, down-load, and failed authentication.

The Georgia Municipal Association (GMA), a nonprofit serving the state's city, county and town governments, is a great example of how an organization can provide data access cost-effectively while maintaining a high level of security. Using VShell and triggers allows GMA to collect and disseminate data as well as provide customer services like online billing and payment.

To read more about the GMA solution, visit this page:

http://www.vandyke.com/customers/success/gma.html

If you're using VShell, a failed authentication trigger can send you an e-mail or pager alert when a specified number of logon attempts has been exceeded. With this early warning of a potential attack, you can take proactive action such as temporarily shutting down a user account or a range of IP addresses.

A recent blog entry on the Tony Lawrence site highlights possible Secure Shell attack scenarios to watch for, such as dictionary attacks. Lawrence's blog focuses on OpenSSH, but his discussion
and examples provide an excellent background on employing configuration parameters and good password strategies.

http://www.aplawrence.com/Blog/B1117.html

If the subject of triggers gives you ideas or dreams about new VShell controls you'd like to see, clue us in by joining the online Roadmap forum. Product director kelli burkinshaw wants to hear your views on several major enhancement areas.

To visit the VanDyke Software roadmap forum, aim your browser at:

http://forums.vandyke.com/forumdisplay.php?f=10

Recent News subscribers may want to check out the March 2004 newsletter tip, which discusses how to use the download trigger and MySQL to track user file-transfer activity.

http://www.vandyke.com/support/tips/vsmysqltrig.html

--------------------------------------------------------------------------
2. Tip: More Effective Pass-Through Printing with Perl
--------------------------------------------------------------------------

You may be a programmer looking for a quick and easy way to print source files directly to your local printer. Or perhaps you are developing an in-house application and want to roll out a mechanism for end users to print directly from their terminal to a desktop printer.

Sometimes remote applications don't support pass-through printing or you need to modify the process in some way. A customized script, such as the Perl script example in this tip, can be an effective solution.

The script notes provide you with all of the escape sequences for the emulations supported by CRT™ and SecureCRT. The script shows you a simple example of how to use the escape sequences, which you can modify or build on to suit your particular needs.

This tip is directed at experienced UNIX users and system administrators.

Read this tip and download the sample Perl script at:

http://www.vandyke.com/support/tips/passthruprint.html

---------------------------------------------------------------
3. Health Industry News: SANS HIPAA Guide 2.0
---------------------------------------------------------------

The SANS Institute, a security education and training nonprofit, has just released a revised version of their HIPAA security guide for the health care industry. With a major HIPAA implementation deadline only weeks away, "HIPAA Security Implementation" may be just in time to help hospitals, insurance companies, and other organizations design and implement HIPAA-compliant systems. You can view a table of contents and sample pages online, or order the complete guide for $99 at:

https://store.sans.org/store_item.php?item=117

-------------------------------------------------------------------------
4. Heard On The Forum: Cloning SecureCRT Sessions
-------------------------------------------------------------------------

A General forum member recently requested the ability to launch a new window to a current session in SecureCRT. Well, "uluttrell" was happy to learn that this capability already exists for SSH2 in SecureCRT 4.1.

To create another window to the current SSH2 session (over the same transport), map a key to the SSH Function SSH_NEW_SESSION (see the SecureCRT help section on "Configuring the Keyboard," especially the topic "Table of Keymap Functions").

The same member also cast a vote for adding a "clone" command to the tab menu which would open the session to a new window. This feature will be added in SecureCRT 5.0 or 5.1. See the entry "Launch New Window to Same Session" at:

http://forums.vandyke.com/showthread.php?t=407

The forums are a great place to get your questions answered. And who knows, your post might lead to a bug fix or a new feature. If you haven't yet logged on, a great time to start will be the new forums for SecureCRT 5.0 and SecureFX(R) 3.0 that will go online shortly with the beta 1 release of these products.

  Sign up today at: http://forums.vandyke.com/index.php

----------------------------------------------------------
5. Curious News: Encrypted Sculpture And The CIA
----------------------------------------------------------

Can you decode under 100 characters of text where hundreds of others have failed? In January, Kim Zetter of Wired News reported on a large sculpture of petrified wood and copper by artist Jim Sanborn that sits in a courtyard at the CIA's headquarters in Langley, Virginia. The sculpture includes four segments of encoded text, the last of which has defied attempts to crack it since 1990. And it's an interesting-looking piece as well.

Read the Wired article "Solving the Enigma of 'Kryptos'", which includes depictions of the coded messages at:

http://www.wired.com/news/culture/0,1284,66334,00.html

See the CIA images and description of Kryptos here:

http://www.odci.gov/cia/information/tour/krypt.html

-----------------------------------------------------------------------
6. Scanning The Web - A Portrait of the Sys Admin...
-----------------------------------------------------------------------

"White male. Thirty-eight years old. Holds a bachelor's or higher degree. Eleven years of IT experience. Six years with present company." That's the portrait of the typical IT pro according to a survey published in the December 2004 issue of Windows IT Pro magazine.

Not what you see in the mirror? Fits you and your colleagues to a "T"? Send us your view of typical IT pro (or tell us how you've broken the mold) at . If we hear from enough of you, next month we'll hold up an informal portrait of the VanDyke Software IT pro and see how it compares.

To read the survey results, visit "Putting a Face on the IT Pro" by Janet Robbins at:

http://www.windowsitpro.com/Article/ArticleID/44434/44434.html?Ad=1

-----------------------
7. New Releases
-----------------------

Maintenance updates of official releases were made in February to SecureCRT 4.1.10, SecureFX 2.2.9, CRT 4.1.10 and AbsoluteFTP® 2.2.9.

You can download new and previous releases at:

  http://www.vandyke.com/download/latestreleases.html

---------------------------
8. Current Releases
---------------------------

The following lists the latest official product releases:

  SecureCRT 4.1.10
  SecureFX 2.2.9
  Entunnel™1.1.2
  CRT 4.1.10
  AbsoluteFTP® 2.2.9
  VShell™ 2.3.3 Server for Windows
  VShell 2.3.3 Server for UNIX
  Red Hat Linux 7.x
  Red Hat Linux 8.x
  Red Hat Linux 9.x
  Red Hat Enterprise v2.1/v3
  Solaris 8
  FreeBSD 4.8
  HP-UX 11
  Mac OS X 10.2
  AIX 4.3/5.2

To download any of the current releases, go to:

  http://www.vandyke.com/download/latestreleases.html

All VanDyke Software products may be downloaded and evaluated free for 30 days. Licenses include one year of free upgrades and unlimited access to our expert technical support.


Pass it along! If you find this monthly newsletter helpful and informative, forward it to co-workers or friends, or tell them where to sign up.

     http://www.vandyke.com/support/newsletter.html

You can also read this and back issues of the newsletter at:

    http://www.vandyke.com/aboutus/news/newsletters/index.html

Subscription Information
----------------------------------

The above e-mail is intended for people who have signed up to receive VanDyke Software News from VanDyke Software. You can unsubscribe or change your e-mail address at:

  http://www.vandyke.com/support/newsletter.html

Don't miss out on important product news. If your ISP or e-mail client filters incoming e-mail, please add the domain @vandyke.com to your list of approved senders to make sure you receive the newsletters and product announcements to which you've subscribed.


Mailing Address
----------------------

  VanDyke Software, Inc.
  4848 Tramway Ridge Drive, NE
  Suite 101
  Albuquerque, NM 87111 USA

Got questions, comments, or ideas? E-mail or use the web forms by clicking on "Got a question or comment?" on any page on our web site, as you'll see on our What's New page.

---

VanDyke Software, AbsoluteFTP, CRT, Entunnel, SecureCRT, SecureFX, and VShell are trademarks or registered trademarks of VanDyke Software, Inc.

All other products and services mentioned are trademarks or registered trademarks of their respective companies.

Close Window