The new “compound increment percentage”

Syncplify.me Server! version: 4.0.16+

Syncplify.me Server! v4.0.16 introduced a new (yet very important) improvement to the Protectorâ„¢ technology: the compound increment percentage.

Before this update, the Protectorâ„¢ would put an attacker’s IP address in the blacklist for a predetermined amount of time, and remove it from the blacklist once said time had past. But attackers often try to connect to the server to attempt further attacks even when they are already blacklisted.

The updated Protectorâ„¢, instead, features a significant difference: if an attacker tries to connect to the server while already blacklisted, the attacker’s IP address blacklist expiration will be prolonged by an amount of time that is calculated using the above “increment percentage” compound to the “number of identified attack attempts” while such IP was already blacklisted. Logn story short: if an attacker keeps attacking, its IP address may very well never get out of the blacklist even when the blacklist is set to ban attackers IPs only temporarily. Continue reading

Syncplify.me Server! scripting: Session.Terminate and Blacklist

In a previous article we’ve been talking about the new properties and methods introduced by Syncplify.me Server! v3 to improve the session object. One of such methods is Session.Terminate that basically instructs the FTP(S) or SFTP server to forcefully terminate the session as soon as the script execution ends.

In such post we have mentioned the addition of another useful function, often used in conjunction with Session.Terminate: the Blacklist function (which name is pretty self-explanatory). In this article we will explain how to use it.

First of all, let’s see the functions definition:

There are 3 parameters:

  1. IPorNetwork: the first parameter clearly should be the specific IP address (e.g.: 192.168.172.25) or the network/subnet (e.g.: 192.168.172.0/255.255.255.0) that you want to blacklist
  2. AMinutes: this is pretty intuitive too, it is the number of minutes you want the above IP address or network to be blacklisted for (unless you are permanently blacklisting it, see point #3 here below)
  3. AType: this parameter can be either ttTemporary or ttPermanent. If you want to temporarily blacklist the IP/network you will use ttTemporary and the IP/network will stay in the blacklist only for AMinutes minutes. Instead if you use ttPermanent the IP/network will be blacklisted forever (unless manually removed) and the AMinutes parameter will be ignored.

Continue reading

How-to: terminate a client session (or all of them)

As of version 3.0, Syncplify.me Server! allows you to forcefully terminate an unwanted client session, or even terminate all active sessions if needed.

You can do so by running the Configuration Manager, switching to the real-time monitor panel, and right-click with your mouse on the session you wish to terminate. A popup menu will appear and let you choose whether you want to end the selected session, or all the currently active sessions.

terminating