calc2014

Any news on this ivodlouhy​ bshopp​? Have you found any solution gnoonan​ fluffy midnight​?

dougpapenthien Thanks for this, having researched though it does seem that a lot of clients are not compatible once FIPS is enabled? FIPS 140-2 Support

bshopp Thanks for your response. Do you mean that if we untick those boxes Serv-U is no longer vulnerable to POODLE at all? Or is this a halfway fix until the official option comes? Any rough idea on the fix?

Program Data\RhinoSoft\Serv-U You could also try closing the tray icon altogeather by right clicking and chosing 'Exit'. Once you have done that, try launching Serv-U using the main desktop icon.

Thanks Devin. Any update from Solarwinds on this peter.kruty‌?

This has now been implemented in the latest release.. Serv-U Version 15.1.2.189 See MFT Server Release Notes | Serv-U

Unfortunately there arn't any command line options directly for Serv-U. I'm not sure if the DLL integration would allow you to do it, I havent used that. If you get that working let us know! You could use the command line to update a firewall instead - then that is in front of Serv-U entirely.

Thanks austinkeith‌ - We implemented that a while ago when the patch came out. There is still a couple of issues here that are still outstanding, what can we do about them bshopp‌ or peter.kruty‌ Serv-U still fails security tests such as Qualys with grade B because it does not support TLS 1.2 and does not support Forward…

Thanks ivodlouhy​, it has been stable today during the day but it totally locked up for a few hours a couple of days after the upgrade, since restarting the service again it is ok. I'm just worried something could cause it to randomly lock up. How do I contact you directly as you mentioned?

We have narrowed this down for you and it appears to be a bug where any file LESS than 101KB will not upload. A 100KB file will not upload (no such file error), a 101KB file will upload successfully. Please confirm you get the same results in your lab. This has been raised with support but needs escalating for an urgent…

Any news on a fix for this P0 issue bshopp​

It looks like the bug was introduced in Hotfix 2 and also exists in Hotfix 3. Serv-U 15.1.6.25 no hotfix - WinSCP can upload OK Serv-U 15.1.6.31 hotfix 1 - WinSCP can upload OK Serv-U 15.1.6.80 hotfix 2 - WinSCP CANNOT UPLOAD - ERROR no such file Serv-U 15.1.6.84 hotfix 3 - WinSCP CANNOT UPLOAD - ERROR no such file Posted…

The %USER% you ar eusing refers to the user that truns the batch/command - You'll need to pass the variable from serv-u above. Serv-u does not run the event script as the user who triggered the event.

You can setup the Domain Activity log to log to a file, that way you have unlimited retention and can rotate the logs daily if needed.

I'm not entirely sure what you mean but it sounds like another service on your server such as Apache (httpd) or ngnix is grabbinjg port 80/443 before Serv-U can? On the second point, you can restrict a particular user to a set of IPs by editing the 'IP Access' tab of the user under the 'Users' section in the Management…

There is also an article on how to achieve this in one of the Serv-u newsletters.. Setting Up "Delete After Download" Events With Serv-U

@"chrisrow" 100% agree, there is literally no way this be left like this - it has to be changed. If we're responding to this within hours of the release, imagine the millions of user accounts that are affected across all Serv-U installations. It is simply not workable. Solarwinds, we need an urgent fix.

gnoonan​ thats a nice report, how did you get that? ivodlouhy​ bshopp​ Any news on this? It seems had there is only 1 key exchange that is now considered 'secure' but it is obselete. When will you implement diffie-hellman-group-exchange-sha256?

Thanks, yes that temporary workaround seems to work. Please could you post here when fixed? I'm not sure some end users will have the ability to change those settings due to policies etc.

Thanks for your reply Josh, here are my responses.. The fact that all 5 died about the same time is strange. Are all of them taken on & offline as a group? No, they all run independantly. If they are all taken on & offline as a group, and there is a constant leak, that might make sense. Do all servers get the same traffic?…

Also, people have reported that the latest version of filezilla has a problem listing directories once connected using FTP with TLS (which is now default in FileZilla's latest version). Could this be related? Serv-U disconnects instead of directory listing

Further update from this end.. This is the cipher that Firefox uses and allows logins, but when uploading it has the problems stated above.. However, on the client side, if you run Avast anti-virus it will intercept the SSL certificate for some kind of verification, this makes firefox use a different cipher and this works,…

Also, we notice it works all ok on HTTP, the problem only exists on HTTPS. Is it something related to recent changes in SSL support?

You can also see what ports are being used in the connection by doing the following calculation.. 227 Entering Passive Mode 192,168,1,3,214,253 214*256 + 253 = 55037 This is useful to know if the PASV port range you think you are using is in effect.

Yes having lots of users in a single collection does take a lot of CPU but even when not using SQL. Whichever method is used, Serv-U.exe still does not use more than 1 core. Any ideas?

Yes trininox​, I have implemented a similar configuration recently and acheived A-, it looks like it would need forward secrecy to achieve A+.

This is especially important now with the POODLE vulnerability in SSLv3. Whats the ETA on this? https://thwack.solarwinds.com/thread/69076 bshopp

Hi Ashford, Are you able to use the $Name or $LoginID system variables to pass to your script from a Serv-U Event?

Thanks ivodlouhy​

I think there may be a bug in the patch for this (15.2.1.446) that has started as of 26th September to disable accounts that use Public Key authentication as the password encryption method is not being updated by Serv-U. Even though the accounts do not use a password, Serv-U is disabling the account and groups it is…