New OpenSSL bug: Syncplify customers are still 100% safe!

After only a couple months from the discovery of the “Heartbleed” bug that affected the popular open-source library OpenSSL, a new bug has been found that could potentially expose user’s data.

And once again, all Syncplify customers are 100% safe, because none of our product uses (or has ever used) any version of the OpenSSL library.

Working on Syncplify.me Server! v3.0 (teaser)

One of the most common trade-offs when aiming at maximum security is usually performance. It is pretty obvious that a secure SSL/TLS file transfer session must necessarily be slower than an insecure/unencrypted session. But security is not the only aspect that can affect performance, and during the design phase of the upcoming new version Syncplify.me Server! we did our best to eliminate all possible bottlenecks that weren’t related to security features.

But we actually did much more than that. Here’s an outline of some of the new features that you will see in Syncplify.me Server! v3.0 (although the following list is not comprehensive, more new features will be announced in another post that will follow this one in few days): Continue reading

OpenSSL bug: our customers are safe (cause we don’t use it)!

heartbleedBreaking news: a terrifying (to say the least) bug in OpenSSL has been discovered and publicly disclosed. This serious security flaw affects OpenSSL’s heartbeat feature, and it’s therefore been named “heartbleed”.

We, at Syncplify, want to reassure all of our users and customers: none of our products uses or has ever used OpenSSL or any of its components.

Syncplify.me Server!, FTP!, and FTP Scrip!, all include a SSL/TLS stack that is not based on OpenSSL, and therefore is not affected by the recently discovered bug.

Once again, users of Syncplify software products are safe.

SSH Server: we need your opinion…

As of today, by design, Syncplify.me Server! doesn’t send back “echo” characters when the user connects over SSH and opens a Shell. This allows us to perform some additional checks on protocol violations that would be harder (although not impossible) to perform if “echo” was active. Yet, few of our customers have requested “echo” to be enabled. What so you think about it?

[yop_poll id=”1″]

Secure FTP server: an intelligent blacklist

When running a highly secure file transfer server becomes a must, the conscious System Administrator knows that choosing a secure protocol (such as SFTP or FTPS) is just the first step, but – by itself – it’s not enough.

An SFTP server that can protect itself is an SFTP server that can protect you. That is why the new Syncplify.me Server! v2.0.4.24 introduces even further improvements to its intelligent automatic blacklist. You can see a recap in this short video:

 

 

Continue reading

New release: Syncplify.me Server! v2.0.4.24

We have just released Syncplify.me Server! v2.0.4.24. Although this is still considered a minor update, it carries some significant improvements to the automatic blacklist. Actually such improvements are so significant that we’re preparing a short video to show and explain the new features in detail (to be published here as soon as it’s ready).

As usual you can download the new version from our web site.

How secure is the SFTP protocol?

Many of our users know the FTP protocol very well, and they are aware that FTPS is the same protocol protected by a SSL/TLS connection. But when it comes to SFTP, we’re challenged pretty frequently with the question “how secure is SFTP?“.

The easy one-line answer would be: SFTP is very secure. But that is obviously not a real answer, therefore if you want to know more (and why/how it is secure), please, read on.

Continue reading

Working on Syncplify.me Server! v2.0: any feature requests?

Here at Syncplify we’re now actively working on Syncplify.me Server! version 2.0. New major version number because it will bring too many new and cool features to simply call it v1.3. Among said new features you will find:

  • Even more powerful violation-identification algorithm, and automatic blacklist
  • 10+ new events that can be managed by the event handler
  • Redesigned Configuration Manager GUI (easier to use over RDP connections)
  • And much much more (that we cannot discolse yet…)

Your feature requests are welcome and will all be evaluated by out team for inclusion in v2.0 or in a later version (if they can’t fit in the project timeline for v2.0). You can leave your suggestion on our KB, or on any of the social networks we use (Facebook, Google+, or Twitter).

Thank you!

The Syncplify.me Server! Dev Team

FtpScripter acquired by syncplify.me

Dear friends and fellow FtpScripter users, it’s our pleasure to announce that today FtpScripter has joined the syncplify.me family.

We will keep developing FtpScripter in the new company and with the brand new name of Ftp Script! Today we have released version 2.0.2.22 which is the first re-branded version with the new logo and slightly revisited GUI.