Syncplify.me Server! v4.0.8 released

We have just released version 4.0.8 of our Syncplify.me Server! software. This version features the following improvements:

  • Support for Windows XP, Server 2003, Server 2003 R2, and Vista
  • Fixed a bug that prevented the import of user keys in RSA format
  • Fixed a bug that prevented the correct behavior of AllowFTP, AllowFTPS, and AllowFTPES

As usual you can download this new release from our website.

Firewalls and FTP external IP address for PASV

Yesterday we came across what, at first, seemed to be a pretty odd case, and we think it’s worth sharing it with our users.

Most firewalls (we’d say all the ones we know) have NAT/PAT capabilities, and many are able to perform protocol-level inspection when the connection is not encrypted. SSH (and SFTP) are always encrypted, but FTP can be either encrypted or not; yet, theoretically protocol inspection should only prevent protocol-related attacks, not modify client requests or server responses.

Yet, yesterday a customer with a perfectly configured instance of Syncplify.me Server! was experiencing a weird behavior: FTPS/FTPES (encrypted) sessions were working perfectly, while plain FTP sessions were dropped upon every attempt to open a data connection to transfer files. Continue reading