Managed File Transfer and Heartbleed (Also FTP Servers)

The Heartbleed vulnerability in OpenSSL affects many managed file transfer, secure file transfer, FTP server and FTP client technologies.  File Transfer Consulting has compiled a list of vendor and project statements about Heartbleed remediation here. (Long story short, the “Heartbleed” vulnerability allows people to request chunks of memory from target servers.  This memory often contains […]

Free FTP Clients – Why Do They Want to Be Free?

In the mid-1990’s, there were three things you needed to get on the Internet from your Windows desktop.  1) A Trumpet WinSock to get TCP/IP working through your modem.  2) Netscape Navigator to surf the web and find files.  3) WS_FTP LE to upload and download files through FTP sites. For years, WS_FTP’s hold on […]

Get WS_FTP Server for free!

One of the nice things about being an Ipswitch Elite Partner is that FTC often gets access to pricing and deals that you cannot get anywhere else.  Until November 15th (2011) we’ve been authorized to give away a free copy of WS_FTP Server with any Ad Hoc Transfer or Web Transfer module purchase. Or, if […]

What does the SSL/TLS BEAST exploit mean for my web-based file transfer application?

Researchers have discovered a serious vulnerability in TLS v1.0 and SSL v3.0 that allows attackers to silently decrypt data that’s passing between a webserver and an end-user browser. This vulnerability can be exploited using a new cookie-based technique called “BEAST” (“Browser Exploit Against SSL/TLS”) that takes advantage of block-oriented cipher implementation such as AES and […]

How to use email addresses as usernames in WS_FTP Server

Using email addresses as usernames is a great way to increase the usability of any application by giving your end users the ability to reuse their easily-remembered credentials across multiple systems. However, support for email addresses as usernames in WS_FTP Server is not available by default, and there are a few things to watch for […]

How do you find the ID of a WS_FTP Server Host?

File Transfer Consulting has been known to do some interesting things by tweaking the underlying configuration database of Ipswitch’s WS_FTP Server.  And when we’re working with production systems* we need to be sure that we’re always pointing to the correct WS_FTP Server Host. You may have noticed that the GUI interface to WS_FTP Server uses […]

How does WS_FTP Server store passwords?

Like many server applications, Ipswitch WS_FTP Server doesn’t store actual passwords or even encrypted passwords.  Instead, it stores cryptographic hashes that represent the original passwords. To figure out which cryptographic hash a particular server uses, an easy way is to take the original password, say “a1sd2d3”, and use an online hash calculator to figure out […]