• 23 Dec

    SFTP vs FTPS

    Source: http://computersecuritypgp.blogspot.in/2015/11/sftp-vs-ftps.html

    FTP or File Transfer Protocol is a standard network protocol, which is used to transfer files from one host to another host over internet.
    FTP is normally widely used. But security is a big concern for it. FTP was not created to be a secure protocol. The traffic between two hosts are transferred unencrypted in FTP. Even the username and password transferred is also too unsecure to be sniffed by a third party. So, this protocol is very much vulnerable to sniffing or spoofing attack. So, use of FTP is deprecated in modern time for security concern.
    FTP over SSH or SFTP is one way of making FTP protocol more secure. In this protocol, a normal FTP session is tunneled over a Secure Shell connection. As a result, data transferred between two hosts are encrypted making the protocol more secure. In SFTP, data transfer is packet based, instead of text-based. Also, data is transferred over the main control connection, instead of opening a seperate data connection. In fact, there is very little common to FTP and SFTP.
    FTPS is an extension of FTP. It adds support for the SSL/TLS cryptographic protocols. In this protocol, normally a Transport Layer Security is established from the beginning of the connection. There are normally two types of FTPS – implicit and explicit.
    In case of implicit FTPS, the client is expected to send TLS ClientHello message at the beginning of the connection and if it fails, the connection is dropped.
    In explicit FTPS, the client is expected to explicitly ask for security. If it fails to ask, it is up to the server to continue in the unsecure more or drop the connection.
    Once a TLS connection is established, the data transfers between the hosts in encrypted manner.
    In terms of security, both SFTP and FTPS are good.
  • 13 Dec

    Event Log Monitoring

    Event Log Monitoring

    A while ago we received the following questions  from one of our users:

    My name is .. from the .. GmbH in Germany. I have two questions about your program (LimagitoX):

    1. Is it possible to Change the Event-ID at the Event Viewer? We want to monitor this Event with our Monitoring System. Our Idea is when an Event comes in with “On Success” it should be have another Event-ID as “On Error”.

    2. Our Second question / problem we get following Event Description:

    The description for Event ID 0 from source LimagitoX.exe cannot be found. Either the component that raises this event is not installed on your
    local computer or the installation is corrupted. You can install or repair the component on the local computer. If the event originated on another
    computer, the display information had to be saved with the event.

    Is it possible to change this description or is this an mistake from your program? (the red labeled text)

    Thanks for your help!

    So we did what he asked and the result is available starting from version v11.12.12.0.

    EventLog

    We’ve added the following Id’s and Categories to make it much more suited when using external monitoring tools.

    Event Id’s:

    • IdDoNotUse = 0;
    • IdWINGET = 1;
    • IdWINPUT = 2;
    • IdWINBAK = 3;
    • IdFTPGET = 6;
    • IdFTPPUT = 7;
    • IdSFTPGET = 11;
    • IdSFTPPUT = 12;
    • IdPOP3GET = 16;
    • IdHTTPGET = 21;
    • IdIMAP4GET = 26;
    • IdAWSS3GET = 31;
    • IdAWSS3PUT = 32;
    • IdSMTPPUT = 37;
    • IdPSCPUT = 42;
    • IdZIPPUT = 47;
    • IdDELETE = 55;
    • IdOnCommand = 94;
    • IdOnDestination = 95;
    • IdOnDestinations = 96;
    • IdSRCTHREAD = 98;
    • IdDSTTHREAD = 99;

    Event Categories:

    • CatDoNotUse = 0;
    • CatOnSuccess = 1;
    • CatOnError = 2;
    • CatOnBkpSuccess = 3;
    • CatOnBkpError = 4;
    • CatOnVrfSuccess = 5;
    • CatOnVrfError = 6;
    • CatOnFileInUse = 7;
    • CatOnNoFile = 8;
    • CatOnRuleBegin = 9;
    • CatOnRuleEnd = 10;
    • CatOnPscSuccess = 11;
    • CatOnPscError = 12;

    We also had to add an extra dll and a registry entry to get rid of the red labeled text. The installer will handle this for you.

    Best Regards,

    Limagito Team