jeffpahf ✭✭✭✭✭

Comments

  • Will or has the content covered, observability into behavior derived from SW Serv-U MFT logs; consider that near or past 90-days out will be crux of any security breach and most SIEM expire transactions at 90-days; please share any paths or solutions(?)
  • For some reason I thought it was per-user connection
  • +Vote for API - This is a real deal killer. We have to manually do too many tasks to manage and maintain security. For example, read the logs and block a User by adding an IP Deny entry to the domain. This would supplant the limited anti-hammering rule, which is too easily defeated, mainly because there is Only One Rule.
  • Will there be offerings under IT Security regarding Serv-U mFTP File Server?
  • API - I've heard that an API would do wonders for product adoption & integration
  • Okay, I'll re-review features for this version, but likely await next service release I do want to get users into SQL for easier maintenance (I hope, well I know initially will be more efforts, but will allow for more features, monitoring combining logs with user setups is challenging without SQL users, as well as sending…
  • Great, and sorry for piecemeal Q's; resource to effect update are limited, is there a new release due soon? If Yes, then we can wait a week(s) and update when the new release is available...
  • Well, if only a few cases, likely not a global issue, however, is there any correlation to having many >K IP set as Deny?
  • What is the topic for the issue that is addressed in BD?
  • Duo was the problem, using MS Authenticator, even when rejected, the Authenticator nearly immediately refreshes and the new code works, so more than likely Duo simply isn't refreshing to be in synch.
  • TOTP: Time-based One Time Password. If that is present in Exported Users, then MFA is Activated. That doesn't mean that it's truly Active if MFA is Enabled and not Enforced (required); when Enabled, the user dialog for both setup and entering an MFA includes Skip
  • The solution is that when the doc was written it was opposite day... $Port Displays the port number of the client $ServerPort Displays the port number of the server Where server port = client port, so any users on 443 should have TOTP (time based one time password) value in their exported user profile Where this is most…
  • That's on my road-map to get the blocked IP by Rule/Admin CIDR* up in the server appliance, but gateway has zero blocked IP, and zero allowed IP; all of that logic is in Serv-U (really wish that was query-able into the database...smh) *CIDR, I've written script to roll up IP by CIDR when first 3 (/24) or first 2 (/16)…
  • similar setting but not for same reason... What I've found on the gateway are many attempts and at $10/20 domestic IP we can assume hackers are willing to sacrifice IP, like the game Battleship if only to know frequency and time limit when IP are blocked and then attempt/attack w/in those parameters and not be blocked…
  • Is there an update on this? 
  • Yeah, I rather thought determining which Auth App did the deed wouldn't be available, but I didn't want to overlook that, in case it was patently obvious by looking at the string in the ToTPAccount (still not 100% sure this is the field) considering a security audit, when asked if Google Auth app had a security flaw, how…
  • Status is SW Ticket is being reviewed; all requested logs were provided days ago. To be clear, the Gateway is Blocked as Deny on the Gateway domain; this was done w/out recognizing the IP, it simply showed up in the log as attempting to login from ports 22 & 443; it was not blocked by rule (SW refers to as Anti-hammering)…
  • Same boat... In main setting for Serv-U mFTP Gateway tab, the Gateway IP that I remote desktop to via RDP shows as Gateway Address (all good so far), to the right is the Public IP address (still good), however the connection from internal Gateway IP on ports 22 & 443 is questionable, and Yes we/me wouldn't see this if the…
  • Yeah, at the time I posted I was rushing, and yes, the IP is Added by Admin (me). I probably added it w/out thinking about the actual IP, and since there's no timestamp, I don't know when. So, the question is: is this normal behavior that the Gateway server internal IP attempts to connect on ports 22 & 443?
  • first off thanks... these are in the Domain Details IP tab, normally set to Allow or Deny So, the moniker isn't correct, but here's the first one... before & after updating After... ...the other after Here are others that are normal, well expected from manually scanning logs (I hate the task but when I find suspects I…
  • Good job... I still bristle at the "non-compliance" RFC 4. literally says see next section for backward compatibility, I mean you barely have to scroll to see the RFC say perfectly Okay to maintain backward compatibility (expecting a CRLF (13,10), not a LF (10))
  • Community & SW Serv-U Support, Serv-U MFTP Mgmt Console says new version 15.4.2.147 installed 15.4.1.128 What does SW Support advise to update to 2.147 then apply HF's or remain on 1.128 until the issues and HF applying is finished? Or, is there a higher version than 15.4.1.128 that is stable? From the SW SU HF2 link -…
  • Well, based solely on the number of hot-fixes for 15.4.2x it's a nope waiting for next full release
  • Prolink, do you mean this, Solarwinds Serv-U FTP & MFTP (two different products, FTP or MFTP) IF either you may want to post into the Forum and clarify that your FTP client (fileziller) is either losing connection or something else; you should be able to see the status messages in the client app... This forum is dedicated…
  • Your question as written doesn't make much sense. You can download/install the current version and run for limited time before you buy. There was in the main site Downloads where you might find prior releases, however I've not visited lately so not sure if there is a release from 2017. And consider there may have been…
  • One domain is for automation with vendor partners, the other works best for humans; and from a management standpoint, two separate setup guides and email templates. So for me, it's all about my mental bandwidth and line of business, support and worries...
  • If the host is not configured by you, then the Host Admin should provide you w/protocol & encryption type
  • Well, although I've not done this exact task, it seems like a well-walked path. Here's a snip of WinSCP onto port 443; once set, test connecting manually. If all good, then call the WinSCP API.
  • There are many tools/ways to programmatically upload: use an FTP client like Robo-FTP or WinSCP, both of which have their own built-in scripting and API, or use an FTP client like SSIS using legacy DTS calls for sFTP. But these suggestions are taking your question as written, perhaps some more details as to your objectives and…
  • Um, sorry, I have ADHD and reading isn't my strong feature, where in the link/doc is the line that says the file or repository for the list of a Domain IP Access list of IP's is stored? I want to add to it programmatically, not manually