Using Serv-U and FTP Voyager in an ETL process
We just launched a YouTube channel dedicated to file transfer. First up is a two-part integration spotlight: “Using Serv-U and FTP Voyager in an ETL process” This video shows how a business can...
View ArticleConsolidate Your Legacy FTP Servers to Serv-U
Have you ever wondered “where did I get all these different FTP servers?” If so, you’re not alone. “Server sprawl” appeared as a major IT concern in the mid 2000′s and it continues to plague IT...
View ArticleAlternatives to MOVEit DMZ’s Tamper-Evident Log Feature
If you’ve worked with MOVEit DMZ for an extended period of time you’ve probably received a “breaks…in your tamper-evident log files” email like this: One or more breaks were recently detected in your...
View ArticleMOVEit Central: workflow engine, scheduler, BPM or ?
I frequently get asked “what is MOVEit Central, exactly?” Often the question comes from people who’ve had MOVEit Central installed for years, and I find that people who ask this question are usually...
View ArticleHow to Detect and Prevent “Low and Slow” Brute Force Attacks
Low and slow brute force attacks against FTP servers, SSH servers and WebDAV servers are already happening, so it’s important to learn how to detect and mitigate this increasing threat. “Rapid Fire”...
View ArticleWhat features should I expect in a managed file transfer product?
We often hear people ask “what should I expect in a managed file transfer product?” A lot of that depends on your own needs, but managed file transfer capabilities can generally be grouped as...
View ArticleHow does WS_FTP Server store passwords?
Like many server applications, Ipswitch WS_FTP Server doesn’t store actual passwords or even encrypted passwords. Instead, it stores cryptographic hashes that represent the original passwords. To...
View ArticleIs Managed File Transfer dead?
Now that Gartner has marked the “Managed File Transfer” magic quadrant as “Retired” (see this), vendors, buyers and consultants alike are anxious to know whether or not the managed file transfer...
View ArticleForrester’s “Managed File Transfer Solutions”– Good, Bad and Ugly
I was delighted when Forrester’s Ken Vollmer published his “Market Overview: Managed File Transfer Solutions,” to help fill the space that Gartner vacated when it elected to drop the Magic Quadrant for...
View ArticleDifference Between Secure File Transfer and Managed File Transfer
One of the most common questions I encounter today is “what is the difference between secure file transfer and managed file transfer?” The short answer is that managed file transfer is secure file...
View ArticleDealing with your annual Sterling Commerce renewal
So, it’s September* and you’re dealing with yet another six-figure Sterling Commerce maintenance renewal. This is the time of year many of you will call, hoping to swap out your Connect:Direct (C:D) or...
View ArticleHow do I keep Google from finding my MOVEit DMZ site?
If you have deployed a publicly facing MOVEit DMZ site, you may be surprised how easily people can find you, especially from public search sites like Google, Yahoo and Bing. To bring up a couple of...
View ArticleMOVEit DMZ AntiVirus FAQ
By now you have hopefully heard that MOVEit DMZ is getting integrated Anti-Virus (AV) support through use of an ICAP connector to Sophos and Symantec AV engines. If not, you should know that this...
View ArticleWhat does the SSL/TLS BEAST exploit mean for my web-based file transfer...
Researchers have discovered a serious vulnerability in TLS v1.0 and SSL v3.0 that allows attackers to silently decrypt data that’s passing between a webserver and an end-user browser. This...
View ArticleTop Three Managed File Transfer Trends of 2011
Since we aren’t tightly coupled to one particular vendor in the managed file transfer industry, File Transfer Consulting has the opportunity to see things from a slightly different perspective. We...
View ArticleWhat Does UsedSoft vs. Oracle Mean for Managed File Transfer?
The July 3 UsedSoft vs. Oracle ruling opened a secondary market for software by retiring the concept of “licensed, not sold” in 27 European countries. To thousands of software companies, including...
View ArticleLow and Slow Brute Force FTP Scanner
LowAndSlow is a free utility that attempts “low and slow” brute force sign-ons against a selected FTP server, FTPS server, or SFTP server. LowAndSlow works off a list of usernames and a list of...
View ArticleAccellion’s Password Vulnerability Gives Black Eye to Managed File Transfer
Yesterday Nir Goldshlager published an article and YouTube video (see below) that shows how he was able to reset the passwords of other users on a high profile Accellion system running at least eight...
View ArticleSecure Coding: How to Avoid Accellion’s Password Reset Vulnerability
In a previous article I looked at a bug in Accellion’s code that allowed users to hijack each other user’s accounts by resetting each other’s passwords. (The bug was found and fixed in March 2012.)...
View Article“Low and Slow” Brute Force Utility Released
Today we released version 1.0.0 of our “low and slow” brute force scanner for FTP servers and SFTP servers. We originally designed this utility in 2011 to help us test whether appropriate lockouts were...
View Article
