How to: SFTP authentication via one-time passwords (OTP)

Syncplify.me Server! version: 5.0.0+

Occasionally our customers ask if it’s possible to implement some form of one-time password (OTP) authentication for their SFTP users. Considering the complexity of the SSH authentication scheme, such a task is definitely not trivial. To ease the process, Syncplify.me Server! V5 adds two new event-handlers and several functions to the scripting framework. This article explains how to use them to accomplish OTP authentication over SFTP.

How Syncplify.me Server! prevents SSHPsycho attacks

Syncplify.me Server! version: 4.0.0+

According to the SANS ISC, nearly 80% of all SSH-based brute force attacks are caused by SSHPsycho or one of its variations. This seems to be confirmed by the LongTail honeypot real-time report provided by Marist College. So, yes, SSHPsycho is a big deal, and it’s a problem. And traditional blacklisting mechanisms (simply banning certain “well known” IP addresses and networks) have proved to be ineffective against it.

LongTail shows that Cisco and Level 3’s recent announcement about blocking sshPsycho’s 4 class C IP ranges (also known as “Group 93” and the “Hee Thai Campaign”) has done nothing to stop their brutal attacks. [Source: SANS ISC]

Syncplify.me Server!’s intelligent and automatic blacklist (called “Protector”), though, has proven to be extremely effective at preventing this type of attack. Its real-time dynamic attack pattern identification and prevention technology can quickly recognize SSHPsycho attacks (and the like) and proactively stop them as soon as they begin. Even at its “Normal” sensitivity threshold, Protector already identifies and blocks all types of SSHPsycho attacks, in most cases before they even get to try password authentication.

Syncplify.me Server! v3.0: improved command-line interface (CLI)

Besides a totally new graphical Configuration Manager that will allow local and remote configuration (over any Internet connection) of your Syncplify.me Server!, the new v3.0 will also feature a greatly improved command-line interface (CLI) tool.

Because it is intended as an integration tool, the CLI doesn’t have remote configuration capabilities, but it does have some interesting features, such as new “visualization” capabilities, for example the ability to show the current contents of the blacklist (and alter it):

cmdblist

Once again thanks to our dev-team, our beta-testers, our investors, and all the people who are making this possible.

Configuration Manager Default Password

If you are using Syncplify.me Server! version 1.x or 2.x, the first time you run the Configuration Manager, after installing the software, it displays a little “hint” regarding the default username and password to use at your first access.

Username: admin
Password: [there is no password, just leave the field empty]

As soon as you perform your first access, you will be required (it’s mandatory) to set a password for the admin user. This requirement is necessary for obvious security reasons.

If instead you are using Syncplify.me Server! version 3.x (or greater), the admin username and password are the ones you chose and set when you created your server instance. There is no default value anymore: you will have to log in using the username and password that you set when you created the particular instance you’re trying to access.