Close Window
 

NEWS YOU CAN USE FROM VANDYKE SOFTWARE®

A Monthly Newsletter – November 2006

To begin wrapping up the year, we bring you our security survey results hot off the presses, along with an overview of queuing, a new SecureFX® 4.0 feature. Then we include some snippets on the SecureCRT® command-line option for automatically accepting host keys and how to convert a PuTTY registry for import into the SecureCRT sessions folder.

-------------
Contents
-------------

1. Amplitude Research® IT Security Survey: Results Are In
2. Overview: The Uses Of Queuing In SecureFX 4.0
3. How To: Setting Up An Automatic Accept And Save For Hosts Keys
4. Heard On The Forums: Converting A PuTTY Registry For SecureCRT
5. From The Archives: Using VShell® Failed Authentication Trigger
6. New And Current Releases

-------------------------
Online Resources
-------------------------

------------------------------------------------------------------------------
1. Amplitude Research IT Security Survey: Results Are In
------------------------------------------------------------------------------

VanDyke Software continues to work with survey firm Amplitude Research year over year to assess the evolution of corporate network security. This year's study of security concerns and trends, conducted online among network and security professionals in October, found that fewer larger enterprises (over 10,000 employees) reported that their networks had been hacked than in 2005. At the same time, slightly more large companies said there were successful attacks on their servers.

The news for small companies was that they increased security monitoring of user machines and office networks, and increased monitoring of servers. Finally, the use of port scanners to identify potential weaknesses is on the rise, while network analyzers were employed significantly less.

Learn more about the Amplitude Research IT Security Survey by reading the press release.

--------------------------------------------------------------------
2. Overview: The Uses Of Queuing In SecureFX 4.0
--------------------------------------------------------------------

Queuing of file transfers has been an eagerly awaited addition to SecureFX 4.0. If you haven't thought about queuing before, consider the last time you brought over fifty or a hundred files from several directories or different servers. From the transfer queue you can upload, download, or perform server-to-server transfers.

Queuing is needed in many user environments where only a single FTP connection is allowed. SecureFX queue transfers files serially, preventing error messages.

To enable the file transfer queue, select the "Transfer Queue" option in the View menu. You can now select files and folders, which will be listed in the transfer queue window at the bottom of the SecureFX main window.

In concert with serial transfers, SecureFX gives you two options for transferring the queued files. By default, SecureFX immediately begins serial transfer of the files as they are added to the queue. Or you can set the "Suspend transfer of queued items" option on the Advanced File Transfer page in the Global Options dialog, then build your file list before initiating the transfers. To start transferring files in the queue, just right-click in the transfer queue window and select "Transfer All" or "Transfer Selected".

To try the queuing capability download SecureFX 4.0.

Got a Suggestion or Question?

Your IT security issues are critical, and our goal is to listen carefully to your requests and feedback so we can better meet your needs.Let us know what issues you're encountering, and what enhancements you'd like to see in current and new features.

Send us your feedback today.

---------------------------------------------------------------------------------------------
3. How To: Setting Up An Automatic Accept And Save For Hosts Keys
---------------------------------------------------------------------------------------------

The notification message to Accept Once, Accept & Save, or Cancel when a new host key or a changed host key is encountered is an important security mechanism that helps prevent man-in-the-middle attacks.

Once a new host key has been saved, SecureCRT indexes the host key using both the IP address and the host name. If there is a change in the key, IP address, or host name, you will be prompted about a change in the host key and asked to confirm and save again.

In certain situations, you may need to connect to a server that has a frequently changing, dynamic IP address. In this case, each time the server's IP address changes, you need to manually Accept & Save the host key. This situation would also prevent auto reconnects.

SecureCRT 5.2 introduces a command-line option to automatically accept the host key for a specified server.

To enable this option, modify the shortcut for SecureCRT with the session name you want to connect to connect to and add the /ACCEPTHOSTKEYS command-line option.

For a session called "local", the command would look like the following if SecureCRT is installed to the default location:

C:\Program Files\SecureCRT\SecureCRT.exe /S "local" /ACCEPTHOSTKEYS

Automatically accepting a host key introduces security issues since it circumvents a mechanism to alert the end user to a possible man-in-the-middle attack. Before you implement this command-line option, you should be aware of its risks and benefits.

You can read this tip on the VanDyke Secure Shell forum.

------------------------------------------------------------------------------------------------
4. Heard On The Forums: Converting A PuTTY Registry For SecureCRT
------------------------------------------------------------------------------------------------

If you have switched to SecureCRT, or have a need to use more than one Secure Shell client, it can be useful to use the same registry data instead of recreating your sessions from scratch.

Forum member Leigh asked how to do this with a PuTTy database that needed to get imported into SecureCRT.

You can use an example "PuttyParser" script published in the VanDyke forums as a basis for reading information from an exported PuTTY configuration .reg file and create sessions for SecureCRT using this information.

As an example of how to export the PuTTy configuration from the registry to a .reg file, consider the following command that uses "regedit" to create a "putty.reg" file:

 regedit /E C:\putty.reg HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\Sessions

Upon running the "PuttyParser" script, new .ini files for SecureCRT sessions will be created in the folder of your choice.

These new session files can then be copied to your SecureCRT session configuration folder. Alternatively, you can choose to modify the behavior of the script to create the new session directly in the SecureCRT Sessions folder.

The location of the Configuration folder is specified in the "Configuration folder" data field in the General category of the Global Options dialog.

SecureCRT should be closed while the sessions are being copied into the Sessions folder.

To read more and see the sample script for this procedure, visit the forum web site.

-----------------------------------------------------------------------------------------
5. From The Archives: Using VShell Failed Authentication Trigger
-----------------------------------------------------------------------------------------

The VShell server supports the specification of a failed authentication trigger command. This command will run after the limit of failed authentication attempts has been reached for the current connection. For example, if a connection exceeds the limit of failed authentication attempts, this trigger can execute commands that cause specific information to be logged to a separate file, or even send e-mail notifications or pager alerts.

To read the complete tip on triggers and failed authentication, please visit the VanDyke Software Support pages.

----------------------------------------
7. New And Current Releases
----------------------------------------

SecureCRT 5.2.1, CRT™ 5.2.1, and SecureFX 4.0.1 official releases were made on November 16, 2006. SecureCRT 5.2.1 and SecureFX 4.0.1 feature SSL support, a variety of tab enhancements for SecureCRT, and have two configuration enhancements in common: improved X.509 host-key checking and HTTP proxy support.

Here is a list of the latest official product releases:

  SecureCRT 5.2.1
  SecureFX 4.0.1
  CRT 5.2.1
  VShell 2.6.2 Server for Windows
  VShell 2.6.2 Server for UNIX
    Red Hat Linux 7.x
    Red Hat Linux 8.x
    Red Hat Linux 9.x
    Red Hat Enterprise v2.1/v3
    Solaris 8
    FreeBSD 4.8/5.3/5.4
    HP-UX 11
    Mac OS X 10.2
    AIX 4.3/5.2/5.3

All VanDyke Software products may be downloaded and evaluated free for 30 days. Licenses include one year of free upgrades and access to our expert technical support.


Pass it along! If you find this monthly newsletter helpful and informative, forward it to co-workers or friends, or tell them where to sign up.

     https://secure.vandyke.com/cgi-bin/subscribe.php

RSS Feeds Now Available
-----------------------------------

Links to VanDyke Software pages with RSS feeds:

Subscription Information
----------------------------------

You received this e-mail because you subscribed to VanDyke Software News when you visited our web site or downloaded a VanDyke Software product. Click here to unsubscribe or change your e-mail address.

Don't miss out on important product news. If your ISP or e-mail client filters incoming e-mail, please add the domain @vandyke.com to your list of approved senders to make sure you receive the newsletters and product announcements to which you've subscribed.


IT professionals who are responsible for network administration and end user access where security is critical rely on VanDyke Software's rock solid and easy to configure software. VanDyke Software consistently delivers accurate, responsive support, and addresses our customers' evolving needs with timely product enhancements.


Mailing Address
----------------------

  VanDyke Software, Inc.
  4848 Tramway Ridge Drive, NE
  Suite 101
  Albuquerque, NM 87111 USA

Got questions, comments, or ideas? E-mail or use one of our web forms.

---

VanDyke Software, CRT, SecureCRT, SecureFX, and VShell are trademarks or registered trademarks of VanDyke Software, Inc.

All other products and services mentioned are trademarks or registered trademarks of their respective companies.

Close Window