Press release: Syncplify.me software products are immune from the “heartbleed” OpenSSL bug

Media contacts:

Helga Kessler
Syncplify, Inc.
helga@syncplify.me

Syncplify.me Server!, FTP!, and FTP Script! implement a proprietary SSL/TLS stack that does not rely on OpenSSL, therefore they are not affected by the “heartbleed” OpenSSL bug; once again, Syncplify customers’ security and peace of mind are safeguarded.

WILMINGTON, DE – April 8, 2014 – Syncplify, Inc., a young yet award-winning software development company that delivers enterprise-grade secure file transfer solutions (FTPS/SFTP client and server), following the breaking news regarding the recently discovered OpenSSL bug named “heartbleed”, today announced that none of its products is or has ever been based on any version of such library. Therefore, all Syncplify products are immune from the published exploits.

Continue reading

OpenSSL bug: our customers are safe (cause we don’t use it)!

heartbleedBreaking news: a terrifying (to say the least) bug in OpenSSL has been discovered and publicly disclosed. This serious security flaw affects OpenSSL’s heartbeat feature, and it’s therefore been named “heartbleed”.

We, at Syncplify, want to reassure all of our users and customers: none of our products uses or has ever used OpenSSL or any of its components.

Syncplify.me Server!, FTP!, and FTP Scrip!, all include a SSL/TLS stack that is not based on OpenSSL, and therefore is not affected by the recently discovered bug.

Once again, users of Syncplify software products are safe.

New release: Syncplify.me Notepad! v1.0.12.52

New release of our award-winning Notepad! today. Here’s what’s new in the latest version:

  • Improved ability to open “in-use” files (e.g. live web server log files and the like)
  • Fixed a bug that prevented Notepad! to memorize manual overrides to syntax coloring scheme by file type

As usual you can download the new version from our web site, or take advantage of this direct download link.

Cisco UCM: backup to SFTP server

When you install Syncplify.me Server!, the installer deploys a very secure (PCI compliant) configuration. Such strong configuration, though, is not compatible with Cisco UCM backups, as Cisco UCM has a very outdated support for the SFTP protocol.

Setting all the protocol options and tweaks by hand, to properly support Cisco UCM, may be painful, as there are so many! But Syncplify.me Server! makes it easy by providing a handy drop-down list of ready-made configuration scenarios, including one that is ideal as a Cisco UCM backup target. Continue reading

SSH Server: we need your opinion…

As of today, by design, Syncplify.me Server! doesn’t send back “echo” characters when the user connects over SSH and opens a Shell. This allows us to perform some additional checks on protocol violations that would be harder (although not impossible) to perform if “echo” was active. Yet, few of our customers have requested “echo” to be enabled. What so you think about it?

[yop_poll id=”1″]

Configuration Manager Default Password

If you are using Syncplify.me Server! version 1.x or 2.x, the first time you run the Configuration Manager, after installing the software, it displays a little “hint” regarding the default username and password to use at your first access.

Username: admin
Password: [there is no password, just leave the field empty]

As soon as you perform your first access, you will be required (it’s mandatory) to set a password for the admin user. This requirement is necessary for obvious security reasons.

Instead, if you are using Syncplify.me Server! version 3.x (or greater), the admin username and passwords are the ones you have chosen and set upon creation of your server instance. So there is no default value anymore, you will have to log in using username/password that you have set when you have created the particular instance you’re trying to access.

Secure FTP server: an intelligent blacklist

When running a highly secure file transfer server becomes a must, the conscious System Administrator knows that choosing a secure protocol (such as SFTP or FTPS) is just the first step, but – by itself – it’s not enough.

An SFTP server that can protect itself is an SFTP server that can protect you. That is why the new Syncplify.me Server! v2.0.4.24 introduces even further improvements to its intelligent automatic blacklist. You can see a recap in this short video:

 

 

Continue reading

New release: Syncplify.me Server! v2.0.4.24

We have just released Syncplify.me Server! v2.0.4.24. Although this is still considered a minor update, it carries some significant improvements to the automatic blacklist. Actually such improvements are so significant that we’re preparing a short video to show and explain the new features in detail (to be published here as soon as it’s ready).

As usual you can download the new version from our web site.