Search Results for: event

How to prevent uploads of EXE files

Syncplify.me Server! version: 4.0.0+

Some SFTP servers feature a simple “extension exclusion list” so that administrators can specify certain file extensions that the server should not let users upload. But that’s a pretty weak defense, as a clever attacker could always upload an EXE with a fake extension and then rename it or otherwise find alternative ways to run it on the server, thus compromising its security.

Syncplify.me Server!’s scriptable nature, though, allows you to do a lot more than just disallow certain file extensions. Here’s a sample script that can be attached to the “AfterFileUpload” event handler, to identify EXE files that have been uploaded with fake extensions and delete them right away.

The above script is provided as a mere example to identify Windows EXE files. But it could be easily modified in order to identify other file types.

All Windows EXEs, in fact have stable distinguishing features in their binary code, and more precisely: the first 2 bytes (in hex) will always be 4D5A, and the 4 bytes at offset 256 (0x100) will always be 50450000. So if a file has those byte sequences in those exact locations, it’s safe to say it’s a Windows EXE.

Do you need to identify ZIP files instead? The first 4 bytes are always 04034B50.

And so on… many file types can be identified by specific “signatures” in their binary code, that one can easily read using Syncplify.me Server!’s powerful scripting capabilities.

How Syncplify.me Server! prevents SSHPsycho attacks

Syncplify.me Server! version: 4.0.0+

According to the SANS ISC nearly 80% of all SSH-based brute force attacks are caused by SSHPsycho or one of its variations. This seems to be confirmed by the LongTail honeypot real-time report provided by the Marist College. So, yes, SSHPsycho is a big deal, and it’s a problem. And traditional blacklisting mechanisms (simply banning certain “well known” IP addresses and networks) have proved to be inefficient against it.

LongTail shows that Cisco and Level 3’s recent announcement about blocking sshPsycho’s 4 class C IP ranges (also known as “Group 93” and the “Hee Thai Campaign”) has done nothing to stop their brutal attacks. [Source: SANS ISC]

Syncplify.me Server!’s intelligent and automatic blacklist (called “Protector“), though, shows to be extremely effective at preventing such type of attack. Its real-time dynamic attack pattern identification and prevention technology can quickly recognize SSHPsycho attacks (and the like) and proactively stop them as soon as they begin. Even at its “Normal” sensitivity threshold, Protector already identifies and blocks all types of SSHPsycho attacks, in most cases before they even get to try the password authentication. Continue reading

Syncplify.me MFT! Alpha-2 is here

We just reached a new milestone in the development of Syncplify.me MFT!, so we decided to release an updated installer for everyone to try and provide feedback (and, why not, bug reports).

If you haven’t read the introductory article, please do so now.

What’s new in Alpha-2 that wasn’t there in Alpha-1?

  • OTFE (On-The-Fly-Encryption): allows you to transparently and automatically encrypt all of your files as they are uploaded to a remote server, and decrypt them as they are downloaded back to your local storage.
  • Automatic Versioning: automatically keep your desired number of older versions of each file, every time you upload or download a file to/from a file server. Each versioned older copy of each file is automatically archived and timestamped for you.

Continue reading

How to: monitor local folders in mftJS and upload files as they appear in it

This article refers to the mftJS language, which is the special “flavor” of JavaScript designed by Syncplify for the upcoming Syncplify.me MFT! software product.

Let’s see the code first, then we’ll explain the details.

 

Continue reading

Managed File Transfer (a teaser)

We are very excited to announce that the Syncplify team has started the development of Syncplify.me MFT!, a new software solution in the Syncplify lineup that will allow our users to create their own, flexible, automated, managed file transfer tasks.

With Syncplify.me MFT! you will be able to:

  • create source-code MFT tasks in mftJS which is an extended version of JavaScript specifically designed by Syncplify for managed file transfer
  • create visual MFT tasks by simply assembling “building blocks”, to bring the power of MFT to people who are not familiar with computer programming
  • run your MFT tasks in various ways, including:
    • invoking tasks from anywhere via our built-in REST API
    • running tasks from the command-line
    • running tasks by simply double clicking on script files
    • scheduling tasks using the built-in scheduler
    • scheduling tasks using your operating system’s native scheduler/cron
  • log every event in JSON-formatted log files for easy import and analysis in the most widespread log analyzers (ex: LogRhythm, ManageEngine, SumoLogic, Loggly, …)
  • and so so much more…

Stay tuned!

Syncplify.me Server! v5.0.25 released

We have released version 5.0.25 of our flagship product, Syncplify.me Server!

This update features the following improvements:

  • Improved: the REST API that deletes a VFS and the one that deletes an LDAP configuration now return the error code -400 if the client is trying to delete a resource that is “in use” (associated to a user profile)
  • Fixed: glitches in the web UI that prevented copy/pasting information when the data-tables were filtered

As usual, you can download this update from our web site.

Thank you.

Syncplify.me Server! v5.0.24 released

We have released version 5.0.24 of our flagship product, Syncplify.me Server!

This update features the following improvements:

  • Fixed: small bug that prevented saving changes to your existing scripts in high-availability (HA) deployments of the Ultimate edition

As usual, you can download this update from our web site.

Thank you.

Syncplify.me Server! v5.0.15 released

We have released version 5.0.15 of our flagship product, Syncplify.me Server!

This update features the following improvements:

  • Fixed: a glitch in v5.0.14 that prevented the software from correctly decoding the license data (the bug only affected v5.0.14, no other v5.0.x was affected by it)

As usual, you can download this update from our web site.

Thank you.