Web Page Creator 7.6 serial key or number


Release Notes for WS_FTP Server , WS_FTP Server with SSH, and WS_FTP Server Corporate

In this File

Security Update:

Security Update: Release includes all prior upgrades that addressed the Heartbleed vulnerability, and includes OpenSSL version h.

Security Update: Patch

Security Update on SSL/TLS MITM (Man-in-the-middle) vulnerability (CVE): The recent vulnerability uncovered in OpenSSL has affected vendors and companies that rely on this near-ubiquitous open source security protocol. In basic terms, the vulnerability exposes an OpenSSL to OpenSSL exchange that uses the OpenSSL , and family of protocols to an attack. This vulnerability affects all releases starting with through the , and versions of WS_FTP Server.

The WS_FTP Server patch release upgrades OpenSSL to the h version, which removes this vulnerability.
Check your version number to see if you need to upgrade.

Note also that we have released updated install programs for the Web Transfer Module and the Ad Hoc Transfer Module. Neither of the modules is affected by the MITM SSL issue, but we updated the install programs to be compatible with the WS_FTP Server patch release. You need to use the versions of the install programs.

Security Update: Patch

Security Update on Heartbleed SSL: Heartbleed SSL, the recent vulnerability uncovered in OpenSSL, has affected vendors and companies that rely on this near-ubiquitous open source security protocol. In basic terms, the vulnerability exposes any exchange that uses the OpenSSL family of protocols to an attack. This vulnerability affects only the and versions of WS_FTP Server.

The WS_FTP Server patch release disables the heartbeat function that exposed the vulnerability in the OpenSSL c version and a later release will provide an update to a version of OpenSSL (g or later) that has addressed this issue.

If you have an affected version, you have already received a notification from the Ipswitch Security Team. Check your version number to see if you need to upgrade. Systems that may have exposed this vulnerability should regenerate any sensitive information (secret keys, passwords, etc.) with the assumption that an attacker has already used this vulnerability to obtain those items.

Note also that we have released updated install programs for the Web Transfer Module and the Ad Hoc Transfer Module. Neither of the modules is affected by the Heartbleed SSL issue, but we updated the install programs to be compatible with the WS_FTP Server patch release. If you are doing a new installation of these modules, you need to use the version of the install programs.

About this document

This document contains information on how to install and configure WS_FTP Server, WS_FTP Server with SSH, and WS_FTP Server Corporate. Depending on which WS_FTP Server product you have purchased, portions of this document may not apply.

The document also describes how to install and configure add-on modules for the WS_FTP Server and WS_FTP Server with SSH.

What is WS_FTP Server?

Ipswitch WS_FTP Server is a highly secure, fully featured and easy-to-administer file transfer server for Microsoft Windows® systems. WS_FTP Server lets you create a host that makes files and folders on your server available to other people. Users can connect (via the Internet or a local area network) to your host, list folders and files, and (depending on permissions) download and upload data. Administrators can control access to data and files with granular permissions by folder, user, and group. Administrators can also create multiple hosts that function as completely distinct sites.

WS_FTP Server is proven and reliable. It is used by administrators globally to support millions of end users and enable the transfer of billions of files.

WS_FTP Server complies with the current Internet standards for FTP and SSL protocols. Users can connect to the server and transfer files by using an FTP client that complies with these protocols, such as Ipswitch WS_FTP LE or Ipswitch WS_FTP Professional.

WS_FTP Server with SSH also includes support for SFTP transfers over a secure SSH2 connection.

Administration

  • Fully web-based administration for remote management
  • Enhanced logging and reporting
  • Connection port configurable by host
  • Event-driven communication and automation

Performance

  • Proven and reliable: Used by administrators globally to support millions of end users and enable the transfer of billions of files
  • Failover architecture

Security and Compliance

  • File integrity checking support
  • Full support for file transfer using SFTP over SSH
  • Implicit and explicit SSL support with up to AES encryption
  • Auto-expiring passwords and enhanced password controls
  • Ability to hide login banner from client

WS_FTP Server Product Family

The WS_FTP Server product family provides a broad range of file transfer functionality, from fast file transfer via the FTP protocol, to secure transfer over SSH, to a complete file transfer (server/client) solution.

WS_FTP Server: Our base product offers fast transfer via the FTP protocol with the ability to encrypt transfers via SSL, and includes FIPS validated encryption of files to support standards required by the United States and Canadian governments.

WS_FTP Server can operate standalone or is easily integrated with existing user databases (Active Directory, Windows NT, ODBC). The WS_FTP Server Manager provides web-based administration from the local machine and also allows remote management of the server. The Server Manager can use our integrated web server or Microsoft IIS.

When used with our WS_FTP Professional client, WS_FTP Server can retry a failed transfer, perform file integrity checks, verify a user's identity, and speed transfers by using compression and multi-part transfers.

WS_FTP Server is designed with a tiered architecture that allows components and data to be maintained on one computer or distributed among several, allowing the configuration to scale to handle larger capacity.

WS_FTP Server can be deployed in an active-passive failover configuration to ensure file transfer service is always available. The failover configurations use shared resources for the user database, configuration data, and the file system for user directories and log data.

WS_FTP Server with SSH: This product offers all of the features of WS_FTP Server plus the ability to send and receive files over SSH, which automatically delivers encrypted communications during and throughout file transport.

WS_FTP Server Corporate: This product extends the secure transfer capabilities of WS_FTP Server with SSH to include:

Support for SCP2 to provide a secure version of the remote copy capability used in UNIX applications

LDAP support for authentication to leverage existing corporate databases.

Integrates the WS_FTP Server Web Transfer Module to provide a complete file transfer solution (server and client).

  • WS_FTP Server Web Transfer Module

    The WS_FTP Server Web Transfer Module, an add-on to WS_FTP Server products, enables users to transfer files between their computers and company servers over HTTP/S using a Web browser. As a result, employees and external business partners can connect to company networks simply and securely to share files, data, and other critical business information.

  • WS_FTP Server Ad Hoc Transfer Module

    The WS_FTP Server Ad Hoc Transfer Module, an add-on to WS_FTP Server products, lets users send files from their computers to one or more individuals by sending an Ad Hoc Transfer message via email. Recipients of an Ad Hoc Transfer "package" can connect to a download page, hosted on the WS_FTP Server, and download the files that have been "sent" to them. This module lets your users send a secure transfer to colleagues and clients, without the need to set up temporary accounts.

    Users can send a package by using the Ad Hoc Transfer web interface or Microsoft Outlook.

Update for Ad Hoc Transfer Module and Ad Hoc Transfer Plug-in for Outlook

We have issued a maintenance release of Ad Hoc Transfer Module and the Ad Hoc Transfer Plug-in for Outlook that provides the following enhancements and bug fixes:

  • Improved file transfer performance for the Ad Hoc Transfer Plug-in for Outlook. In previous versions, the plug-in was limited to file attachments of no more than 2 GB. This version removes the 2 GB restriction and provides faster transfer of large files. Note that the 2 GB limit still applies for the Ad Hoc Transfer web interface.
  • Ad Hoc Transfer Plug-in for Outlook now supports Microsoft Outlook and Microsoft Exchange

To upgrade to this release, you need to install:

  • Version of Ad Hoc Transfer Module
  • Version of Ad Hoc Transfer Plug-in for Outlook (requires Ad Hoc Transfer Module )

    Your WS_FTP Server version (v ) does not need to be updated.

New in

  • Version includes the option to delete old files and/or empty sub-folders after a specified number of days. You can configure cleanup settings at the folder level or at the host level. By default, folders will inherit the host-level default values unless they are overridden at the folder level. Host-level settings also apply to virtual folders and their descendants, but only if the virtual folder points to a location outside of the host's top folder, to avoid having multiple cleanup profiles affect a single folder.
  • This release also includes the option to expire user accounts a specified number of days after user account creation or last logon. At the host level you can also delete expired user accounts after they have been expired a specified number of days. These settings only take effect when the host's authentication database type is WSFTP.
  • A new service, "Ipswitch Scheduler," is installed and runs at am every night. This service cleans up old files and sub-folders, as well as expired users. The cleanup process will never delete virtual folders themselves, only physical folders.
  • When using a command line to create a user, administrators can now use the argument to set a user's home folder.

File transfers in WTM and Ad Hoc now display a progress bar indicating percentage of transfer completed. This feature is not available in IE9.

New in

Version updates some of the critical software components used by the WS_FTP Server, including SSL libraries, supported databases, and supported operating systems.

  • OpenSSL libraries: The OpenSSL version used by WS_FTP Server has been upgraded from t to c. This upgrade was done to resolve known security issues with the older version of OpenSSL, as well as to add improved functionality that is only available in newer versions of OpenSSL. More specifically, the new version supports the AES CTR ciphers, which allows administrators to disable CBC ciphers and use the AES CTR ciphers instead.

    If you choose to disable the CBC ciphers, Ipswitch WS_FTP Professional versions before v will not be able to connect using SSH. Older versions of other FTP clients may also use CBC ciphers.

  • Supported databases:

    PostgreSQL: The version of PostgreSQL used by WS_FTP Server has been upgraded from to This was done to resolve known security vulnerabilities with older versions of PostgreSQL.

    Microsoft SQL Server: WS_FTP Server now supports Microsoft SQL Server , in addition to the version. Support for Microsoft SQL has been dropped.

  • Supported operating systems: WS_FTP Server now supports Windows Server , in addition to the R2 version. This version of WS_FTP Server drops support for Windows Server and Windows XP.

This release includes enhanced features for the Ad Hoc Transfer Plug-in for Outlook:

  • Ability to Customize the Ad Hoc Transfer Plug-in for Outlook

    You can add your own brand or organization information to the user interface. You can change logos, icons, and text labels and you can also customize the associated help topics.

  • Improvements to the Silent Install Program

    The silent install program has been enhanced to ease the deployment of the Ad Hoc Transfer Plug-in to large numbers of users, and also to support deployment via Group Policy. The changes include supporting installation on a PC for "all users" rather than for a single user, and specification of default install properties.

    The default install properties allow an administrator to configure the plug-in to connect to the WS_FTP server. To complete the configuration, each user will need to enter their WS_FTP password (and possibly their username). In most cases, after using the silent install or group policy, the username will be already configured on the end user's computer.

    Also, when using the Group Policy to deploy the plug-in, the installation program is now run by the "System" user, which fixes a defect in the previous version.

    For more information, see the "Ad Hoc Transfer Plug-in for Outlook Install Guide," on the WS_FTP Support site.

    This release also brings a roll-up of enhancements and bug fixes from ongoing maintenance efforts. For more information, see the "Fixed in " section.

New in

Version introduces failover support to the WS_FTP Server family of products. You can now deploy WS_FTP Server on a two-node failover cluster in a Windows Server environment using Microsoft Cluster Services (MSCS) or Microsoft Network Load Balancing (NLB). The failover solution consists of one "active" and one "passive" node, each running identical configurations of WS_FTP Server. If the primary node is unavailable, or if a server (FTP or SSH) is unavailable on the primary node (MSCS only), processing switches over to the secondary node. This two-node configuration uses shared resources for the user database, configuration data (SQL Server), and the file system for user directories and log data.

Version also includes multiple SSH improvements:

  • Users are now able to use multiple SSH user keys to authenticate to SSH servers.
  • Administrators can require multiple authentication factors (password and SSH user key) for users authenticating to an SSH server.

New in

Version introduces the Ad Hoc Transfer capability to the WS_FTP Server family of products. Ad Hoc Transfer lets your users send file transfers to an individual, rather than to a folder or file transfer site. Files can be sent to any valid email address, meaning you do not have to maintain accounts for all recipients, or set up temporary accounts.

Files sent via Ad Hoc Transfer are stored in a folder on the WS_FTP Server computer. Recipients receive a notification in their email inbox, and click on a web link to access the posted files.

As the administrator, you can set options that require Ad Hoc Transfers to be password protected, and to manage the size and availability of an Ad Hoc Transfer "package," which is the user-generated email message plus associated files.

The Ad Hoc Transfer Module provides two ways for a WS_FTP Server user to send a transfer:

  • The Ad Hoc Transfer Module web interface: Users can open this interface in their web browser to send a file transfer "package" and view recently sent packages. You can set the options, such as password protection and notification on delivery, that are available to users. You provide to users the web address that they will use to access Ad Hoc Transfer Module. No installation is required on the user's computer.
  • Microsoft Outlook: Users can send a file transfer "package" by creating a new message in Outlook, attaching the files, and selecting Send Secure (rather than Send). You can set the options, such as password protection and notification on delivery, that are available to users. Users will need to install the Ad Hoc Transfer Plug-in for Outlook.

New in

Version includes the following new features:

  • Support for Windows You can now install WS_FTP Server and each of its features on a Windows Server. The install will activate several Windows roles and features (see the WS_FTP Server Getting Started Guide for details). WS_FTP Server is compatible with 32 and bit versions.
  • VMWare ESX (bit) Support. You can now install WS_FTP Server on virtual machines you have hosted on ESX servers.
  • New Email Notification Variables. There are now new variables that you can use to trigger notification emails. Notification variables now include transfer type ("ASCII" or "Binary"), IP addresses of clients performing an action, the server host of a user attempting an action, and the size of a file uploaded or downloaded.
  • SMTP Authentication. WS_FTP Server now supports authentication for SMTP servers. If you activate SMTP Authentication in WS_FTP Server Manager, when connecting, the server will submit the username and password you entered.

New in

Version 7 introduces a third product offering, WS_FTP Server Corporate, to the WS_FTP Server family of products. WS_FTP Server Corporate offers a convenient way to purchase the full range of secure, managed file transfer functionality that we provide. For a description of each of the WS_FTP Server product offerings and the major features included, see WS_FTP Server Product Family.

Version 7 is a major release that includes the following new features:

  • Blocking of IP addresses that attempt multiple concurrent connections.

    The IP Lockouts feature is designed to thwart dictionary attacks, which can shut down a server by flooding it with connection requests. WS_FTP Server can monitor connection attempts, identify possible abuse, and deny access to the FTP and SSH servers for the offending IP address.

    The IP Lockouts feature lets the administrator set the criteria for blocking an address (or subnet range), manually add an approved address to the whitelist, or manually add a problem address to the blacklist.

    From the Server Manager, select Server > IP Lockouts.

  • Support for LDAP databases for user authentication (with failover) to leverage existing corporate databases.

    WS_FTP Server supports standard implementations of LDAP, including Microsoft's Active Directory, OpenLDAP, and Novell's eDirectory. Administrators can configure a WS_FTP Server host to use an LDAP database for the user database. Failover to a secondary LDAP database is supported, and communications are secured via SSL.

    The LDAP user database option is selected from the Create Host page. Selecting Configure opens the LDAP Configuration page.

  • Support for Secure Copy (SCP2) transfers, to provide a secure version of the remote copy capability used in UNIX applications. (WS_FTP Server Corporate)

    WS_FTP Server supports SCP2 protocol (i.e. SCP over SSH2), which leverages SSH to provide authentication and secure transfer. In addition, the WS_FTP implementation of SCP2 has the benefit of leveraging any users, rules, and notifications created for the WS_FTP server host. For an SCP client, users can use either OpenSSH or PuTTY SCP.

    The Enable Secure Copy (SCP2) is on the Edit Listener page when you select an SSH listener.

  • FIPS validated encryption of files, to support standards required by the United States and Canadian governments. (WS_FTP Server Corporate)

    FIPS sets a standard for encoding data (cryptography) that is required of many military and government organizations. WS_FTP Server provides FIPS validated ciphers to encrypt file transmissions. The administrator can enable FIPS mode for the FTPS and SSH services.

    FIPS mode does not apply to FTP and HTTP services. FIPS mode ensures that all secure listeners use FIPS validated cryptographic algorithms. If you use the default WS_FTP Server certificate, you will have to create a new certificate.

    The Operate in FIPS Mode option is on the System Details page.

  • Updated home folder options: A new user option to Show home folder as root can hide the directory path to the user's home folder. This option is used with the Lock user to home folder option to improve security of user folders. Both options are on the Edit User page when you select an individual user. To set either option to apply to all users, use the iftpaddu program, found in:
    • bit:
    • bit:
  • SSH User Level Key Management: SSH user keys can be imported and exported to and from Windows, Unix and Linux systems. You can now import OpenSSH keys in the same way as you would other types of SSH keys.
  • Enhanced SSL Certificate Support: The WS_FTP Server Trusted Authorities database now supports SSL certificate chains containing either the full chain or just the peer level certificate. Also, SSL Certificates now support more than 2 characters for the State/Province.
  • SSH Listener Options: Support for suppressing the server identification and version (WS_FTP_SSH_) from being displayed on the login banner, preventing users from attempting malicious actions on the SSH server based on the server identification and version.
  • Notification variables: Added %emailaddress variable, which returns the email address of the user that attempted the action.
  • License Activation Support: During installation, if an install executable does not have an active license, a license dialog will prompt the user for a serial number, MyIpswitch username, and password. A license activation shortcut will also be available in the Windows Start Menu (Programs > Ipswitch WS_FTP Server > Activate or Refresh WS_FTP Server License), so that the user can activate a license after installation.

System requirements for WS_FTP Server

Tip: If a listed requirement is hyperlinked, you can click the link to get more information on obtaining and installing that prerequisite.

WS_FTP Server

Supported Operating Systems

For a standalone WS_FTP Server installation:

Operating System

Edition

Service Packs

Supported Versions

Windows Server

 

Windows Server

SP2 or later

  • bit: English and German
  • bit: English

Windows Server R2

 

For a WS_FTP Server failover cluster using Microsoft Clustering Services:

Operating System

Edition

Service Packs

Supported Versions

Windows Server

 

Windows Server

Enterprise

SP2 or later

Windows Server R2

Enterprise

 

For a WS_FTP Server failover cluster using Microsoft Network Load Balancing:

Operating System

Edition

Service Packs

Supported Versions

Windows Server

 

Windows Server

SP2 or later

Windows Server R2

 

System Requirements

  • Microsoft .NET Framework

    If you plan to install the WS_FTP Server Web Transfer Client, make sure that Microsoft .NET Framework is installed.

  • ASP.NET (via IIS) and .NET or for Web Transfer Module, Ad Hoc Transfer module, and WS_FTP Server Corporate
  • Broadband connection to the Internet (recommended)
  • During installation, you can select Microsoft Internet Information Services (IIS) as your web server (instead of WS_FTP's Web Server). If you choose this option, you need to have Microsoft Internet Information Services (IIS) or later installed on your computer.
  • The default database for configuration data is PostgreSQL (local only).
  • During installation, you can select Microsoft SQL Server as your database for configuration data. If you choose this option, you must use one of the following versions:
    • Microsoft SQL Server Express, Standard, or Enterprise versions (local or remote)
    • Microsoft SQL Server or R2 Express, Standard, or Enterprise versions (local or remote)

Recommended Hardware

The minimum recommended hardware is the same as recommended for Windows Server (For more information, see the Windows Server information on Microsoft's web site.) If you are using a later version operating system, you should meet the hardware requirements for that system.

Component

Requirement

Processor

  • Minimum: 1 GHz (x86 processor) or GHz (x64 processor)
  • Recommended: 2 GHz or faster

Memory

  • Minimum: MB RAM
  • Recommended: 2 GB RAM or greater
  • Maximum (bit systems): 4 GB (Standard) or 64 GB (Enterprise and Datacenter)
  • Maximum (bit systems): 32 GB (Standard) or 1 TB (Enterprise and Datacenter) or 2 TB (Itanium-Based Systems)

Available disk space

  • Minimum: 10 GB
  • Recommended: 40 GB or greater

Virtualization Requirements

  • VMware ESXi (bit and bit guest operating systems) and ESX
  • Microsoft Hyper-V on Windows ; Windows bit (bit and bit guest operating systems)

Ipswitch Notification Server

All requirements for WS_FTP Server (above), plus:

  • Broadband or dial-up connection to the Internet (required for email notifications sent from outside of the local area network)
  • Modem and phone line required for pager and SMS notifications (optional)

Ipswitch Notification Server is a part of WS_FTP Server and is typically installed on the same machine.

WS_FTP Server Manager

The WS_FTP Server Manager provides web-based administration from the local machine and also allows remote management of the server.

Server Requirements:

  • WS_FTP's Web Server (included in installation package) or Microsoft Internet Information Services (IIS) or later.

Client Requirements:

  • Microsoft Internet Explorer 8 or later; Mozilla Firefox 16 or later, Google Chrome 21 or later, Apple Safari 5 or later (Mac-only)
  • Enabled Javascript support in the Web browser
  • Enabled Cookie support in the Web browser

WS_FTP Server Manager is a part of WS_FTP Server and is installed on the same machine.

Installing WS_FTP Server on Windows Server or

The WS_FTP Server installer automatically activates certain components in your Windows Server installation. This is necessary because after installation, Windows Server does not turn on non-core operating system components. However, before installing WS_FTP Server, you should be sure that these changes conform to your organization's security policies.

When you install WS_FTP Server, the install activates the following Server roles:

  • ISAPI Extensions
  • Windows Authentication
  • ASP

Note: If you are installing the WS_FTP Server Web Transfer Client, there are additional components activated. See "System requirements for WS_FTP Server Web Transfer Client" below.

Installing WS_FTP Server

For detailed instructions for installing and configuring WS_FTP Server and activating a new or upgraded license, see the WS_FTP Server Installation and Configuration Guide.

Fixed in

The following issues were addressed in V

  • LDAP login fails. Blank BindRequest sent during connection

    Added a new LDAP configuration option "Force Simple Binding" that when enabled, will default back to the simple binding method used in pre versions of WSFTP Server.

  • User can get to Change Password page without providing correct password

    If the administrator had set Force Change Password on an account and that user then attempted to log in, that user did not have to provide the correct password for the change password dialog to appear. Fixed this so that now the user must provide the correct current password before being allowed to change the password.

  • STAT command is case-sensitive

    Difficulties were experienced when downloading files from WS_FTP Server using ColdFusion or OpenSSH command-line clients and SFTP. The OpenSSH and ColdFusion clients issued a STAT command before attempting to download the file, and if the STAT command failed, they never attempted to read the file. In WS_FTP Server, the STAT command failed unless the filename was issued with exactly matching case, because the filename comparison performed for the STAT command was case-sensitive. Fixed this issue.

  • Unsecure Cookies Parameter on Web Application

    The vulnerability allowed an attacker to steal cookies that were not set with the secure parameter (in HTTPS). While sniffing traffic, the attacker could see the current value of the cookies used for login. For WTM and AHT, all cookies now use the "HttpOnly" flag, and if the connection is secure, they also use the "Secure" flag.

  • Notification Variable: %Status returns Failed when files are downloaded using SFTP (binary mode) on Filezilla or WinSCP

    There was a failure to check the proper variables when determining whether or not a whole file had been downloaded, which led to the system thinking it had not downloaded the whole file when closing the connection. Fixed this issue.

  • Blacklist Notifications do not display in GUI after upgrading from a version prior to to version

    After adding a blackout notification on the server, clicking save, restarting the services and then returning to the IP Lockout Settings in the Manager, the notification did not display. In there was a modification to have blacklist notifications all show up regardless of the host, using ID '0' in the host_rules table for this rule. However, old entries in host_rules were not updated to use ID '0' when upgrading to +, so none of these rules would show up in the UI after an upgrade, as it explicitly looks for ID '0'. Fixed this issue.

  • AHT Unable to download file if file name over characters

    A file with a file name over characters could be successfully uploaded to the Ad Hoc Transfer package folder, but when that file was downloaded, the filename would be truncated in the database and the download would fail with a 'file not found' error. We were using an array limited to characters in one function where the file name was passed through. That array has been updated to characters (matching the database field max), which fixes the issue.

  • Unable to send email notification to more than 2 recipients (rcpt to) or if email address length exceeds 73 characters

    After setting email notifications in WS_FTP Server to send to multiple email recipients, only the first two email accounts received notifications; no other users received notifications. This was a known issue related to a character limit with the Send To field in a telnet style email. An encoding function was being run against the list of 'To' addresses, which added unnecessary characters. The encoding function no longer adds these unnecessary characters. The recipient list can now contain up to characters.

  • Linux SSH public key imports to WS_FTP Server, but will not authenticate until the SSH key is converted

    We were including comments at the end of the public key (which are auto-generated in Linux systems) as a part of the key itself, so the fingerprints being generated were inaccurate. The fix modifies the Server to not read those comments as part of the key during the login process, so administrators do not need to re-import any keys.

  • ViewState variable is not strongly encrypted, which enables an attacker to view contents that could potentially reveal sensitive information

    Configuration changes were made to the application to ensure that the View State data is sufficiently protected by setting the viewStateEncryptionMode to "Always."

  • Upgrade of WS_FTP Server to Build took hours to complete (Windows Server bit with WS_FTP Server upgraded to Build )

    Replaced manicapital.com with manicapital.com in the core and module installers. This has improved the performance of this piece of the install by approximately a magnitude of ten.

  • Service Trusted Path Privilege exploit

    The exploit took advantage of the unquoted service paths vulnerability outlined in CVE, CVE= and CVE The vulnerability took advantage of the way Windows parsed directory paths to execute code. Fixed this issue by placing double quotes around the path to the service when providing it to whatever function creates the service. Clean installs will now install services with quoted image paths. During an upgrade or maintenance, the WS_FTP Server installer will check existing service image paths and quote them if they currently aren't quoted.

  • Change Directory (CD) commands are case-sensitive when changing into a virtual folder

    Affected only the CD into the initial virtual folder; sub-directories under that did accept either upper or lower case CD commands. Fixed this issue by modifying the query to allow case-insensitive searches.

  • Ability to better control SSL version support in WS_FTP Server

    Customers needed the ability to disable SSL v1 and v2 in WS_FTP Server, but leave SSL v3 and TLS enabled on the server. PCI compliance scans were failing when SSL v2 was enabled. The only option was to disable all but TLS. Fixed this issue by adding a new option to the listener encryption settings page: "Enable TLS and SSL version 3."

  • Entering a user name that begins with the letters "s," "g," or "d" in the WTM caused the password field to auto-fill with an invalid password after having logged on previously, requiring the user to clear the password field and manually enter the correct password.

    Fixed the issue by fine-tuning the way usernames are located from within cookies.

  • Files larger than 2 GB cannot be downloaded, renamed or deleted via the WTM using Internet Explorer, and files larger than 2 GB cannot be renamed or deleted via the WTM using Firefox and Chrome but they can be downloaded. Browsers are also not reporting total file size of downloads correctly when the downloaded file size is larger than 2 GB.

    Fixed this issue. Previously, headers returned to the client for the file download included a negative file size if the file was larger than 2 GB, which caused IE to break and other browsers to not be able to report total downloaded file size. Files larger than 2 GB can now be downloaded, renamed, and deleted in all browsers and downloaded file sizes are correct.

  • Large number of files in a user folder slows down the directory listing or results in failure to log on altogether in WTM

    We now allow 10 times the number of files/folders.

  • Failover delayed due to slow stopping services

    On Windows Server R2, if the WS_FTP Server and SSH Server services lose access to the SQL database, they remain in a prolonged stopping state. These services should each now take around seconds to shut down if the database is down.

  • When you have an SSL certificate larger than installed in IIS and bound to the site, you receive an error when trying to install the modules. The following error is received: "There was an error serializing the security certificate. Setup will abort." Thereafter, login attempts fail. Fixed this issue to allow larger pre-existing SSL certificates.
  • Web Module installation does not use existing certificate in IIS 8 but creates a new one in Windows Server When importing a certificate via IIS and the option to import into a new "Webhosting" certificate store is selected, the following warning now displays: "Unable to use the existing certificate bound in IIS because it's located in a certificate store other than Personal. The installation will continue with a newly generated self-signed certificate." Certificate will need to be in the personal store for WS_FTP Server to not create a new one.
  • Secondary LDAP user database is not checked when primary LDAP user database is down.

    Server does not attempt to connect to the secondary LDAP server when the primary server fails. Fixed the issue by updating the DLL file for the LDAP connection.

  • After removing machine IP from blacklist, WTM login continues to fail until IIS is reset (PENDING DAVE'S REVIEW)

    Fixed this issue. WTM wasn't being notified when blacklist items were removed because it didn't have a 'heartbeat' process set up that was enabled for AHT/FTP/SSH. It should now behave the same as the other interfaces. It may take a few minutes, but now users will be able to log in after their IP has been removed from the blacklist without needing an IIS reset.

  • SSH private key can be imported into an SFTP client without prompting for passphrase

    When the WS_FTP Server generates an SSH user key it prompts for a passphrase, but when that key is imported into an SFTP client the passphrase is never requested. The OpenSSL functions were not correctly generating the PEM-formatted key with encryption. Fixed this issue by specifying 3DES encryption when writing the key file.

  • CTR ciphers are not added to all SSH listeners on upgrade (WS_FTP Server versions to Build on 2k8G bit MSSQL SP3/Internal Web Server)

    When multiple SSH listeners were created to listen on unique IP addresses and then WS_FTP Server was upgraded, not all SSH listeners would have the new CTR ciphers added, however, the ciphers could be added manually. Fixed this issue so that upgrading does add the CTR ciphers to the other listener IPs.

  • Cannot reach syslog server with host name

    When entering details for a syslog server you could not use the host name and had to use the IP address. Fixed this issue by adding a function call to resolve the host names.

  • Using PSFTP to move .tif files from one directory to another via SSH on the WS_FTP Server using the MV (Move) command caused intermittent system exception error within the FTP Server log files on Windows R2 Bit, MS SQL and PostgreSQL

    There was a race condition where the permissions object could sometimes be released before it was accessed when checking permissions for a file. This issue is now fixed.
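For the "Linux SSH public key imports" entry above, this added example (not WS_FTP Server code) shows why the trailing comment must be kept out of the key before fingerprinting. The key line is constructed, and `fingerprint_including_comment` is an assumed model of the defect, not the product's actual logic.

```python
import base64
import hashlib
import struct


def _ssh_string(data):
    """Encode bytes as an SSH wire-format string (uint32 length + data)."""
    return struct.pack(">I", len(data)) + data


def make_sample_key_line(comment):
    """Build a constructed OpenSSH public key line (not a real key)."""
    blob = _ssh_string(b"ssh-ed25519") + _ssh_string(bytes(range(32)))
    line = "ssh-ed25519 " + base64.b64encode(blob).decode("ascii")
    return line + (" " + comment if comment else "")


def parse_public_key(line):
    """Split '<type> <base64> [comment]' and return (type, blob, comment)."""
    fields = line.strip().split(None, 2)
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, b64 = fields[0], fields[1]
    comment = fields[2] if len(fields) == 3 else ""
    blob = base64.b64decode(b64, validate=True)
    # The blob starts with its own copy of the key type; it must agree.
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode("ascii"):
        raise ValueError("key type does not match the encoded blob")
    return key_type, blob, comment


def fingerprint_md5(blob):
    """Legacy colon-separated MD5 fingerprint of the decoded key blob."""
    digest = hashlib.md5(blob).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def fingerprint_sha256(blob):
    """OpenSSH-style SHA256 fingerprint (unpadded base64)."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


def fingerprint_including_comment(line):
    """Assumed model of the defect: the comment is hashed with the key."""
    _type, blob, comment = parse_public_key(line)
    return fingerprint_md5(blob + comment.encode("utf-8"))


if __name__ == "__main__":
    for comment in ("alice@build-host", ""):
        line = make_sample_key_line(comment)
        _type, blob, _comment = parse_public_key(line)
        print(repr(comment), fingerprint_md5(blob), fingerprint_sha256(blob))
        print("  with comment hashed:", fingerprint_including_comment(line))
```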
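For the "Service Trusted Path Privilege exploit" entry above, this added example (not the installer's code) audits service image paths the way the upgrade step is described: find unquoted paths and quote them, keeping any arguments. The service names and paths are constructed and hypothetical.

```python
import re

# Constructed ImagePath values; service and file names are hypothetical.
SAMPLE_SERVICES = {
    "ExampleFtpSvc": r"C:\Program Files\Example Vendor\FTP Server\ftpsvc.exe",
    "ExampleSshSvc": r'"C:\Program Files\Example Vendor\FTP Server\sshsvc.exe" -service',
    "ExampleLogSvc": r"C:\Tools\logsvc.exe /quiet",
    "ExampleNotify": r"C:\Program Files\Example Vendor\notify.exe --port 25",
}

# End of the executable name: a known extension followed by a space or the end.
_EXECUTABLE_END = re.compile(r"\.(?:exe|com|bat|cmd)(?=\s|$)", re.IGNORECASE)


def split_image_path(image_path):
    """Return (executable, arguments, was_quoted) for a service ImagePath."""
    text = image_path.strip()
    if text.startswith('"'):
        end = text.find('"', 1)
        if end == -1:
            raise ValueError("unterminated quote in image path")
        return text[1:end], text[end + 1:].strip(), True
    match = _EXECUTABLE_END.search(text)
    if match is None:
        # No recognizable extension: treat the whole value as the path so
        # that a value with spaces is still reported for manual review.
        return text, "", False
    return text[:match.end()], text[match.end():].strip(), False


def needs_quoting(image_path):
    """True when the executable path is unquoted and contains a space."""
    executable, _args, was_quoted = split_image_path(image_path)
    return not was_quoted and " " in executable


def quote_image_path(image_path):
    """Return the ImagePath with the executable quoted, arguments kept."""
    executable, args, was_quoted = split_image_path(image_path)
    if was_quoted:
        return image_path.strip()
    quoted = '"' + executable + '"'
    return quoted + " " + args if args else quoted


def audit_services(services):
    """Map each at-risk service name to its corrected ImagePath."""
    return {
        name: quote_image_path(path)
        for name, path in sorted(services.items())
        if needs_quoting(path)
    }


if __name__ == "__main__":
    for name, fixed in audit_services(SAMPLE_SERVICES).items():
        print(name)
        print("  current:", SAMPLE_SERVICES[name])
        print("  quoted: ", fixed)
```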
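For the "SSH private key can be imported into an SFTP client without prompting for passphrase" entry above, this added example (not WS_FTP Server code) checks whether a PEM private key file is actually encrypted by reading its `Proc-Type` and `DEK-Info` headers; `DES-EDE3-CBC` is OpenSSL's name for 3DES. The PEM samples are constructed and contain no real key material.

```python
import base64
import re

_BODY = base64.b64encode(b"constructed bytes, not a real key").decode("ascii")


def _pem(label, headers=""):
    """Build a constructed PEM block with optional RFC 1421 style headers."""
    return f"-----BEGIN {label}-----\n{headers}{_BODY}\n-----END {label}-----\n"


SAMPLE_UNENCRYPTED = _pem("RSA PRIVATE KEY")
SAMPLE_3DES = _pem(
    "RSA PRIVATE KEY",
    "Proc-Type: 4,ENCRYPTED\nDEK-Info: DES-EDE3-CBC,0123456789ABCDEF\n\n",
)
SAMPLE_PKCS8_ENCRYPTED = _pem("ENCRYPTED PRIVATE KEY")

_PEM_BLOCK = re.compile(
    r"-----BEGIN (?P<label>[A-Z0-9 ]+)-----\r?\n"
    r"(?P<body>.*?)-----END (?P=label)-----",
    re.DOTALL,
)


def inspect_private_key(pem_text):
    """Report whether a PEM private key is passphrase-protected."""
    match = _PEM_BLOCK.search(pem_text)
    if match is None:
        raise ValueError("no PEM block found")
    label = match.group("label")
    if not label.endswith("PRIVATE KEY"):
        raise ValueError("PEM block is not a private key")

    # Headers, if any, are 'Name: value' lines before the first blank line.
    headers = {}
    for line in match.group("body").splitlines():
        if not line.strip() or ":" not in line:
            break
        name, _, value = line.partition(":")
        headers[name.strip()] = value.strip()

    if label == "ENCRYPTED PRIVATE KEY":
        # PKCS#8: the cipher is recorded inside the ASN.1 body, not a header.
        return {"label": label, "encrypted": True, "cipher": None}

    encrypted = headers.get("Proc-Type", "").replace(" ", "") == "4,ENCRYPTED"
    cipher = None
    if encrypted:
        dek_info = headers.get("DEK-Info")
        if not dek_info:
            raise ValueError("Proc-Type says ENCRYPTED but DEK-Info is missing")
        cipher = dek_info.split(",")[0].strip()
    return {"label": label, "encrypted": encrypted, "cipher": cipher}


def unprotected_keys(named_pems):
    """Return the names of keys that would import without a passphrase."""
    return sorted(
        name for name, text in named_pems.items()
        if not inspect_private_key(text)["encrypted"]
    )


if __name__ == "__main__":
    samples = {
        "plain.pem": SAMPLE_UNENCRYPTED,
        "3des.pem": SAMPLE_3DES,
        "pkcs8.pem": SAMPLE_PKCS8_ENCRYPTED,
    }
    for name, text in samples.items():
        print(name, inspect_private_key(text))
    print("no passphrase:", unprotected_keys(samples))
```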

Fixed in

The following issues were addressed in V

  • Ability to specify a port for the SMTP server in WS_FTP Server

    Administrators can now configure a custom port to be used when sending SMTP notifications; port 25 was required for all SMTP notifications prior to this update.

  • PostgreSQL upgrade to fix security vulnerabilities

    The version of PostgreSQL used by WS_FTP Server has been upgraded from to This was done to resolve known security vulnerabilities with older versions of PostgreSQL.

  • WS_FTP Server services (FTP and SSH) fail and require a restart before they will accept connections again.

    A race condition on busy systems using FTP and/or SSH was capable of causing those services to crash due to corrupt memory. This bug has been fixed.

  • Directory request with a folder name gives folder attributes rather than list of contents

    The commands "dir ." and "dir FolderName" were returning the attributes of the current folder, rather than the appropriate directory listings. This bug has been fixed.

  • DoD OpenSSL version requirement

    The OpenSSL version used by WS_FTP Server has been upgraded from t to c. This upgrade was done to resolve known security issues with the older version of OpenSSL, as well as to add improved functionality that is only available in newer versions of OpenSSL.

  • Security scan vulnerabilities listed for the SSL protocols in WS_FTP Server:

    CBC mode ciphers can now be disabled across the system by an admin, as this type of cipher has been found to be vulnerable.

    If you choose to disable the CBC ciphers, Ipswitch WS_FTP Professional versions before v will not be able to connect using SSH. Older versions of other FTP clients may also use CBC ciphers.

  • Web Transfer Manager installer should not create SSL certificate if SSL is configured in IIS, or machinename certificate exists

    New installations of the Web Transfer Module and the Ad Hoc Transfer Module will now detect a pre-configured SSL certificate and use that cert instead of creating a new self-signed certificate.

  • Ad Hoc Transfer transfers fail if the "files expire date" matches the maximum expiration date using MS SQL as the DB backend.

    A bug has been fixed that was preventing packages sent via the Ad Hoc Transfer module to be configured with the maximum expiration time allowed. This bug only occurred on systems using Microsoft SQL Server as the back-end database.

  • Users cannot authenticate against an LDAP host when Active Directory displayname format includes a comma, for example: <lastname>, <firstname>

    A bug has been fixed that was preventing Active Directory users from authenticating to WS_FTP Server when the user's display name within Active Directory contained a comma.

  • Uppercase Folder names are modified to lower case in folders view as well as on the physical folder

    Folder names are modified after adding a user; for example if you have a folder named ABC, once you add a user and save it, the folder name display changes to "abc" in both the WS_FTP Server Manager and on the physical server machine where the folder resides.

  • WS_FTP Server will not authenticate when password contains '\'

    A bug has been fixed that was preventing users from logging in when their password contained a backslash.

  • LDAP plugin now supports a Read-only Active Directory Server

    The LDAP plugin has been updated to support accessing Read-Only Active Directory (RODC) servers. Previous versions of the plugin were incompatible with RODC connections and thus failed to authenticate the user.

  • Ability to handle openSSH rename with leading "./" in the folder path

    A bug has been fixed that caused folder paths entered with a preface of "./" to fail if used with various SSH commands.

  • AHT Download speed is very slow

    The download transfer rate of files from the Ad Hoc Transfer interface has been greatly improved.

  • Renaming a virtual folder through a client connection results in physical folder deletion

    When a user renamed a virtual directory via FTP or FTP/SSL, the physical folder pointed to by the virtual directory was being deleted and its contents were being copied to a new physical folder within the location of the user's original virtual directory. This bug has been fixed, so that attempts to rename a virtual directory will only rename that virtual directory and will not result in any files being moved or deleted.

  • Permissions search will not resolve groups, you can scroll to it only

    When adding permissions to folders, admins will now be able to search for group names that contain uppercase characters. This bug only affected systems running with a PostgreSQL back-end database.

  • The Add User utility (manicapital.com) returns an ERROR: Incorrect syntax when both -e and -n variables are used at the same time.

    The utility manicapital.com has been updated to allow both the -e and -n parameters to be specified at the same time when adding users.

  • User home folder deleted when user removed from Windows Database and synchronized

    User home folders will no longer be deleted when a user account is deleted via sync in the following scenarios:

    • The user home folder is the root folder
    • The user home folder is also another user's home folder
    • The user home folder is used by a virtual folder

Fixed in

The following issue was addressed in V

  • Fixed an issue in V where SSH and FTP server services stop accepting connections after receiving a network error. The SSH or FTP server stopped receiving new connections when it received this network error:

    Users would restart the server service before it started to accept new connections.

Fixed in

The following issues were addressed in V

  • Fixed a security vulnerability where an attacker could exploit a cookie vulnerability to expose passwords for the Server Manager, Web Transfer Module, and Ad Hoc Transfer module web interfaces.
  • Fixed issue where administrators were unable to save changes to a user's home folder path when it was entered manually in the Server Manager.
  • Idle sessions were not closing in WS_FTP Server. The server now closes sessions that have been idle for the specified timeout period. Administrators can also terminate idle sessions from the Session Manager page in the Server Manager.
  • Silent uninstall of WS_FTP Server has been changed to silently deactivate the server license, even if there is no network connectivity. This will prevent an offline deactivation pop-up window.
  • Internet Explorer 8 displayed error messages when viewing help files for Ad Hoc Transfer module and Web Transfer Module. Fixed Javascript errors in the English and German help systems for both the modules.
  • Users now see explanatory messages and detailed messages are now written to the system log when uploads fail while sending Ad Hoc Transfer packages due to impersonation account errors.

    If the impersonation account is incorrectly configured, the user sees the message "Send files failed - data access error, contact system administrator." If the impersonation account does not have permissions to read and write to the folder where Ad Hoc Transfer packages are stored, the user sees the message "Send files failed - system account error, contact system administrator."

  • Documentation updated to support backup utilities on bit systems.
  • In WS_FTP Server Manager Help, "Removing users from groups" no longer appears as "Adding Users to a User Group."
  • Upgraded PostgreSQL to to eliminate security vulnerabilities from previous versions.
  • Upgraded zlib to to fix some bugs and implement some security enhancements. See manicapital.com for more information.
  • Fixed bug where some SFTP clients cannot retrieve a directory listing if the folder contains paths or files with filenames that contain special UTF-8 characters such as French characters (like é, à or ô) or German characters (like ä, ë, or ö).
  • The certificate import utility has been reintroduced in V It can be found in:
    • bit:
    • bit:
  • Fixed bug in the Ad Hoc Transfer module that caused AHT to become inaccessible after reinstalling AHT with the Repair option.

Fixed in

  • Fixed a defect that caused notification variables (%Dir,%File, %ToFile and %FmFiles) to not display the correct file path when executed from a folder action rule on a virtual folder.
  • Fixed a defect in v that caused %File and %Dir notification variables to not work.
  • Fixed a defect in v that caused downloads via the Web Transfer Module to fail when the files were on a network (UNC) drive.
  • Fixed a defect that caused the SSH server service to stop accepting connections due to the incoming packet size setting in the SSH client.

Fixed in

The following issues were addressed in

  • Users upgrading from versions 5 to 7 or 6 to 7 were getting error messages ("Error "). This was due to a problem in the Ipswitch licensing system, which was resolved for
  • Some clients on non-Windows OSs had problems connecting to WS_FTP Server. This was due to a problem with a newly-introduced security feature and was resolved.
  • Tumbleweed and other clients using the JScape SSH Factory for .NET were getting errors when connecting to WS_FTP Server. The new version of Server has been modified to fix this problem.
  • In WS_FTP Server Manager, when creating a SITE command, the system failed to save when double quotes were used in the path. This problem was corrected for
  • In WS_FTP Server Manager, some users were seeing multiple passwords reset at the same time when individual users took the action of resetting their password. A fix included in addressed this problem.
  • When you use the "Show home folder as root" option, the PUT / STOR commands to move files to subfolders were not working. All commands now work as expected.
  • After a period following installation, users were not able to log into the WS_FTP Web Client. This was due to a problem setting permissions on folders. This problem was addressed for
  • In some cases, notifications were not triggered for files uploaded via the Web Client. This had to do with OS level permissions in specific folders, and has been resolved.
  • FTP sessions, in certain cases, were failing with "unsupported SFTP feature" errors when commands were issued. This has been addressed.
  • When shutting down WS_FTP Server on the Windows OS, some users were receiving runtime errors. This was corrected.
  • In some cases, on WS_FTP Server , when you configured two hosts with two separate domains using LDAP, the separate configurations were not successfully saving, and appeared as identical. This has been fixed.
  • WS_FTP Server's Web Admin application had several cross-site scripting (XSS) vulnerabilities of low to moderate severity in versions 6.x and These could allow remote attackers to inject arbitrary web script or HTML into pages of the web-based administration interface. These have all been addressed. (Thank you to Paul Hand, CEH for bringing these to our attention.)

Fixed in

The following issues were addressed in this release:

  • WS_FTP Server: SSL Certificates now support more than 2 characters for the State/Province.
  • WS_FTP Server: Linux/Unix public keys can now be imported successfully.
  • WS_FTP Server: Fixed a defect that caused an SSH connection attempt to fail for some clients and displayed the message "Bad remote protocol version identification: 'SSH'".
  • Web Transfer Module: Fixed a defect that caused the installation to fail (and display a error) when installing the WS_FTP Server Web Transfer Client on a bit Windows operating system.
  • Web Transfer Module: Fixed a defect that caused a failed download if the selected file's name had been truncated in the display.
  • Web Transfer Module: Fixed a defect that caused a download of a file with a Chinese file name to fail. The IE and Firefox browsers can now support a multi-byte character set filename, though the Safari browser cannot.

Known Issues in All Versions

OpenSSL conflicts when installing WS_FTP Server V or later

The WS_FTP Server and installation programs install a new version of the OpenSSL library. The new version (OpenSSL p for ; OpenSSL c for ), is required and gets installed to the installation folder (the default is: C:\Program Files\Ipswitch\WS_FTP Server).

If the installation program finds a version of the library in the Windows system folders, it will stop the installation and ask you to move or rename the library files. If these library files are used by other programs, you want to make sure that you retain a copy of them. We suggest you create a backup in another folder, or rename these files, then remove the files from these locations:

| bit OS | bit OS |
|---|---|
| C:\Windows\libeaydll | C:\Windows\libeaydll |
| C:\Windows\ssleaydll | C:\Windows\ssleaydll |
| C:\Windows\system32\libeaydll | C:\Windows\SysWOW64\libeaydll |
| C:\Windows\system32\ssleaydll | C:\Windows\SysWOW64\ssleaydll |
| C:\Users\[username]\Windows\libeaydll or C:\Documents and Settings\[username]\Windows\libeaydll | C:\Users\[username]\Windows\libeaydll or C:\Documents and Settings\[username]\Windows\libeaydll |
| C:\Users\[username]\Windows\ssleaydll or C:\Documents and Settings\[username]\Windows\ssleaydll | C:\Users\[username]\Windows\ssleaydll or C:\Documents and Settings\[username]\Windows\ssleaydll |

Upgrading WS_FTP Server V to V or later (PostgreSQL)

When upgrading a WS_FTP Server installation that uses a PostgreSQL database from V to V or later, you must install Microsoft .NET framework or SP1 before running the installer to upgrade, otherwise the installer will halt the installation.

IP Lockouts do not carry over failed logon attempts after cluster failover

When a cluster fails over from node 1 to node 2, the number of failed logon attempts does not carry over to node 2. Therefore, the server does not lock out the user even if the failed logon count is cumulatively greater than the limit set by the IP Lockouts rule since the failed logon count per node is less than the IP Lockout rule allows. Once a user fails a number of logons on a single node equal to the IP Lockouts limit, then the user is locked out.

For example, assume a user account's IP Lockouts rule is set to blacklist the user after 5 failed attempts. If a user fails to log on 3 times while node 1 is the active node and then the cluster fails over, the user will have to fail 5 more log on attempts on node 2 in order for WS_FTP Server to blacklist the user because the failed attempts do not transfer between nodes.

Currently, there is no work around for this issue.

See IP Lockouts do not carry over failed logon attempts after cluster failover in the Ipswitch Knowledge Base for more information.

Unhandled exception when using AHT and switching nodes after a failed send

When a cluster fails over from node 1 to node 2 while an Ad Hoc Transfer user attempts to send a package from the AHT site, the file transfer fails, the user is logged out, and the browser displays the Microsoft error "Internet Explorer cannot display the webpage." After node 2 becomes the active node, users attempting to log on to the AHT site again receive an error message about an unhandled exception.

To resolve this issue, the user must restart the browser session before logging back onto the site. Then the user can send packages normally.

See An unhandled exception when using AHT and switching nodes after a failed send in the Ipswitch Knowledge Base for more details and the content of the exception.

Unable to resume transfer or delete file after failover

When a cluster fails over from node 1 to node 2 during an upload, the transfer fails and the file transfer client's connection to the cluster drops (the message is "Connection is dead"). The upload does not resume when the user logs back into the server. Although the partially uploaded file is present, it cannot be deleted. This is caused by the share host (Windows UNC or Linux NAS) holding an open handle for node 1 on the partially uploaded file, presumably waiting for the client to (possibly) reconnect. Node 2 cannot modify the file at this time.

Since resuming the transfer is impossible, the user must delete the file and then restart the transfer.

To delete the file, the user must wait a few minutes until the share host releases its hold on the file handle, and then the user can delete the file. ("A few minutes" ranges from about 2 minutes on Windows, up to about 10 minutes on a Linux NAS.)

To delete the file sooner, an administrator can force a failover so that node 1 is active, allowing the user to modify the file again.

See Unable to resume transfer or delete file after failover in the Ipswitch Knowledge Base for more information.

Unable to delete files in the Web Transfer Client after failover

When a cluster fails over from node 1 to node 2 during an upload using the Web Transfer Client, both the browser session and the file transfer fail. When the user logs back in, the upload does not resume. Although the partially uploaded file is present, it cannot be deleted. This is caused by the share host (Windows UNC or Linux NAS) holding an open handle for node 1 on the partially uploaded file. Node 2 cannot modify the file at this time.

Since resuming the transfer is impossible, the user must delete the file and then restart the transfer, or overwrite the file on another upload attempt.

To delete or overwrite the file, the user must wait a few minutes until the share host releases its hold on the file handle, and then the user can delete the file. ("A few minutes" ranges from about 2 minutes on Windows, up to about 10 minutes on a Linux NAS.)

To delete the file sooner, an administrator can force a failover so that node 1 is active, allowing the user to modify files again.

See Unable to delete files in the Web Transfer Client after failover in the Ipswitch Knowledge Base for more information.

Error connecting in FIPS mode (FIPS mode cannot use the pre-7 default SSL certificate)

If you installed WS_FTP Server 6.x with the default SSL certificate, when you upgrade to WS_FTP Server 7.x, that default certificate is maintained. If you then enable FIPS mode, which requires the use of FIPS-validated ciphers in the certificate, the default certificate will cause a connection error when a user attempts a secure connection. The server log will show the following error:

To work around this issue, you need to use a certificate that uses a FIPS-validated algorithm, such as SHA1. You can select to use your own certificate, or create a new certificate in the WS_FTP Server Manager (from the Home page, select SSL Certificates).

IIS notes

  • Prior to installing, the Microsoft Internet Information Services Web site on which you intend to install WS_FTP Server Manager must be configured to use a port that is not already in use. If another application, such as the Web server included with Ipswitch WhatsUp Gold, is operating on the same port as the Web site, you must take one of the following actions:
    • change the port used by the existing application.
    • configure the Web site to use a port that is not already in use.
  • The setup program makes the following changes to your IIS configuration:
    • On the Web site, Web Services Extensions will be set to Allow ASP Pages.
    • On the WSFTPSVR Virtual Directory, Enable Parent Paths will be enabled.
    • On the WSFTPSVR Virtual Directory, Application Pooling will be set to the Medium/Pool level.
  • On bit versions of Windows, if bit applications are not allowed to run under IIS, a "Service Unavailable" error is displayed in the browser. To correct this, you must run the following command from the command line to enable bit applications to access IIS:

    After running the command, you must restart IIS.

  • In some cases the install will display the error message Could not enable ASP. This typically occurs when Active Server Pages in the IIS Server Extension section have been enabled. To verify this:
    1. Right-click My Computer, then click Manage. The Computer Management console opens.
    2. Click Services and Applications > Internet Information Services > Web Service Extensions. The Web Service Extensions are displayed in the right-hand console window.
    3. Make sure that the Active Server Pages status is set to Allowed. If it is not, right-click Active Server Pages and select Allow.
    4. Close the Computer Management console.
    • If you specify a user other than the default user to serve as the run as user on the IIS virtual folder (if you are using Microsoft IIS as your web server), you may get a HTTP error when you attempt to open the WS_FTP Server Manager. If this occurs, you must open the virtual folder in IIS and change the anonymous access user password to match the specified user's password.

Configuring the database for remote connections

By default, the Microsoft SQL Server database will only accept connections coming from the local system. To use a remote notification server, to allow multiple servers to share a data store, or to allow a remote Web Transfer Client connection, you have to enable remote connections.

Microsoft's Knowledge Base (KB) provides the following information on remote connections:

"When you try to connect to an instance of Microsoft SQL Server from a remote computer, you may receive an error message. This problem may occur when you use any program to connect to SQL Server. For example, you receive the following error message when you use the SQLCMD utility to connect to SQL Server:

For instructions, see the Microsoft KB article: How to Configure SQL Server to Allow Remote Connections

Other notes

  • If has been removed from the computer on which you want to install WS_FTP Server, you must create a user account to serve as the WS_FTP Server account in Windows before installing. The account name must begin with , and it is recommended that it be configured so that the password never expires.

    During the install, when you reach the Create User Accounts dialog, specify this username without the at the beginning.

    For example, if you created a Windows user account called , enter for the username on the Create User Accounts dialog.

    Note: If you are upgrading a previous version of WS_FTP Server with hosts that use Windows NT user databases exclusively, the username you create must be plus the username of an existing Windows NT user that has system administrator privileges in WS_FTP Server.

  • If you select to install to a Web site that uses a custom host header or port, the desktop shortcut created does not use the host header or port. To correct this, you must create a new shortcut using the correct host header and port.
  • When creating a rule for Failed Login, Folder Action, Quota Limits, or Bandwidth Limits, the Group Search function does not work.
  • When upgrading a host using an external (ODBC) user database, you must manually set permissions to the external database file after the upgrade completes.

    When multiple hosts with firewall settings configured share a single listener, the firewall settings for the first of those hosts that a user logs into are applied to all of the hosts that share the listener and have firewall settings configured. Hosts that do not have firewall settings configured are not affected by this issue. We recommend that all hosts that are assigned to a common listener share the same firewall settings.

  • If you create a virtual folder with the same name as a physical folder, in , the physical folder takes precedence for permissions purposes. (This has changed from , where the virtual folder took precedence.) A work around is simply to change the name of one of the 2 folders.

Uninstalling WS_FTP Server

  1. In the Control Panel, select Add/Remove Programs.
  2. Select Ipswitch WS_FTP Server, then click Change/Remove and follow the onscreen prompts to uninstall.

    The User Configuration Data Exists screen presents options for removing the configuration database:

    • Remove the WS_FTP Server configuration data from the data store
    • Remove the Ipswitch Notification Server configuration from the data store
    • Also, remove the PostgreSQL database server. (Note: You may have other databases on that server.)

    If you want to maintain the configuration data in the database, for example when you plan to upgrade or migrate to another database, make sure that these options are not selected.

For more assistance

For more assistance with WS_FTP Server, consult the following resources:

  • Installation and Configuration Guide. This guide includes information on configuring the modules, failover clusters, custom installations, unattended "silent" installations, and uninstalling the product.
  • User Guide. This guide describes how to use the application out-of-the-box. It is also useful if you want to read about the application before installing. To view the User Guide offline, select Start > Programs > Ipswitch WS_FTP Server > WS_FTP Server User Guide.
  • Application Help. Contains dialog assistance, general configuration information, and how-to's that explain the use of each feature. The application help can be accessed from any page in the WS_FTP Server Manager by clicking Help.
  • Ipswitch Knowledge Base. Search the Ipswitch Knowledge Base of technical support and customer service information.
  • WS_FTP Server Forum. Provides a resource for you to interact with other WS_FTP Server users to share helpful information about the application.

Installing and Configuring the WS_FTP Server Web Transfer Client

Whether you purchased the WS_FTP Server Web Transfer Client as an add-on to WS_FTP Server or WS_FTP Server with SSH, or you received it with your WS_FTP Server Corporate purchase, you need to run the WS_FTP Server Web Transfer Client installation program. For system requirements, installation procedure, and release notes, go to Installing and Configuring the WS_FTP Server Web Transfer Client.

Installing and Configuring the Ad Hoc Transfer Module

The Ad Hoc Transfer Module is installed separately from WS_FTP Server. For system requirements, installation procedure, and release notes, go to Installing and Configuring the Ad Hoc Transfer Module.



General Questions

What are the differences between Revu Standard, CAD and eXtreme®?

With Revu® Standard, you have access to a complete set of markup, editing and collaboration features, as well as plugins for Microsoft® Office and the Bluebeam® PDF printer for easy PDF creation.

Revu CAD includes everything in Standard, plus additional plugins for creating PDFs from AutoCAD®, Revit®, Navisworks® Manage, Navisworks Simulate, SketchUp® Pro and SolidWorks®. You can also create 3D PDFs from AutoCAD, Revit, Navisworks and SketchUp Pro.

Revu eXtreme includes everything in CAD and Standard, plus advanced features such as scripting, automatic form creation, Optical Character Recognition (OCR), Batch Link®, Batch Slip Sheet, Batch Sign & Seal, linking real-time data from measurement markups to Excel® worksheets and more.

You can compare all three editions of Bluebeam Revu here.


Can I transfer Revu from one computer to another?

Yes. For more information about transferring your license of Revu to another computer, please read this Support article.


What operating system does Revu run on?

All editions of Revu run on Windows®.


What do I do if my hard drive crashes and I need to reinstall Revu?

Please contact the Bluebeam Support team for assistance and include your Revu serial number along with a brief description of the problem.


Does Revu support PDF forms?

Yes, Bluebeam Revu supports creating, viewing and filling AcroForm form documents. Revu also has full support for viewing and filling static XFA forms, and Dynamic XFA functionality continues to be updated as part of our ongoing development efforts.

With automatic form creation in Revu eXtreme, you can create forms from scanned or digital documents. Then, Revu will automatically detect fields such as signatures, date and checkboxes.


How can I learn more about Revu training programs?

Bluebeam offers a variety of training options, from self-guided online training courses to instructor-led customized training sessions. All our training offerings help you or your entire organization master Revu in no time. For more information, visit our Training page.


My clients do not have Revu. If I send them a file, will they be able to view my markups in another PDF viewer?

Yes. Bluebeam Revu follows the PDF standard, which allows markups made in Revu to be visible in other PDF viewers. However, the only way to use the unique markup features of Revu is by opening the PDF in Revu. Your clients who do not have Revu have two options: They can download Revu and use the free View Mode; OR, if they are iPad® users, they can download the Bluebeam Vu app from the iOS store. Both options allow users to view PDFs and participate in Studio Sessions.


Where did Bluebeam Vu go? Is View Mode similar to Bluebeam Vu?

With the release of Revu , the functionality of our free viewer, Vu, is now available via the View Mode built into Revu. View Mode allows project collaborators to view PDFs and access Studio Sessions and Studio Projects, even if they don’t own a license of Revu. To use this functionality, download a free trial of Revu. When the trial expires, you can continue to use View Mode indefinitely.

With the release of View Mode within Revu, Vu will no longer be maintained and updated as a separate product. Vu and earlier versions are still available on our Downloads and Updates page.


Is Revu localized in other languages?

Revu is localized in English (UK), Swedish, Danish, Finnish, Norwegian, Dutch, German, Spanish, French, Italian, Korean and Japanese.

How to Purchase Revu

Do I need to purchase a subscription?

Bluebeam Revu is available to purchase on a Perpetual License or as an Open License with an annual subscription. Check out our pricing page for more details.


Can I use a trial version of Revu prior to purchase?

Yes! Bluebeam offers a free day trial of Revu eXtreme, our robust solution for power users, which you can download here.


Does Bluebeam offer any educational discounts?

Bluebeam offers educational discounts on Revu to current students and educators from accredited campuses and universities. Bluebeam also supports school and university campus labs by providing free licenses of Revu eXtreme.

Visit our Bluebeam Academic page for more information.


How do I buy an older version of Revu?

You may only purchase the latest version online. If you need to purchase an older version, please email us at sales@manicapital.com or call us at Opt. 1. You may also purchase older versions of Revu through an authorized reseller.

How to Upgrade Revu

What is a minor upgrade?

We release minor upgrades to Revu when we make small enhancements to the latest version of the software. For example, if you purchased a Revu license, you can upgrade to version or any other version x release at no additional cost. Check for updates by going to Help > Check for Updates in Revu or Revu 20 by visiting our Support page.


What is a major upgrade?

We periodically release a major upgrade to Revu with significant enhancements and features. An example would be the upgrade from Revu to Revu You can purchase a major version upgrade through our web store, email sales@manicapital.com or call Opt. 1. Users with active Maintenance do not need to purchase major upgrades, as they’ll receive them free of charge. If you have active Maintenance and would like to upgrade, visit our Upgrade Page.


What if I upgrade AutoCAD, Revit, Navisworks or SolidWorks and do not have the latest version of Revu?

If you upgrade to the latest version of AutoCAD, Revit, Navisworks Simulate, Navisworks Manage and/or SolidWorks but do not have the latest version of Bluebeam Revu, you can still create PDF files using the Bluebeam PDF printer. For full access to the AutoCAD, Revit, Navisworks and/or SolidWorks plugin, an upgrade of Bluebeam Revu may be required. View our complete Software Requirement Chart to check if your design software is compatible with your version of Revu.


How do I upgrade my current Revu edition to a different one?

This would be considered a crossgrade. We offer crossgrades when customers want to upgrade between editions (e.g., Standard 20 to eXtreme 20). In order to qualify for a crossgrade, the existing license must have active Maintenance. If the license is an older version or does not have active Maintenance, the customer must purchase an upgrade (e.g., Standard without Maintenance to eXtreme 20). For more information please contact sales@manicapital.com

Compatibility and Integrations

Does Bluebeam Revu integrate with any Document Management System (DMS)?

Bluebeam Revu offers direct integration with SharePoint® and ProjectWise® for seamless access to files stored in these document management systems. Revu also includes Studio Projects for file storage.


Can Revu run in a Citrix environment?

Bluebeam Revu is certified Citrix® Ready® for XenApp and XenDesktop To stay compliant with our EULA (End User License Agreement), you must purchase as many seats as there are Revu users in your organization.

Note that Windows Server R2 and above are supported under Citrix environments. For more information, visit our Support page.


General Questions

What is Studio?

Built into Bluebeam Revu, Studio enables powerful document management and real-time collaboration.

Studio Projects give you a single centralized location to store documents—even entire building projects—in the cloud. And Studio Sessions let project teams review, mark up and update the same files at the same time.


What are Studio Sessions?

Sessions enable document-based online real-time collaboration. They are accessible through the Revu interface. Only the host needs a Revu license to initiate a Studio Session, and all invited attendees can participate in the Session through Revu or Revu for iPad. If collaborators do not have a license of Revu, they can use Revu in View Mode or Vu for iPad.


What are Studio Projects?

Studio Projects enable streamlined document management by allowing you to store and manage your project files, including PDFs and other file types, in one place through the Revu interface. Teams can work with Project files regardless of internet access—simply sync files locally from a Project before going offline and re-sync any updates once you reconnect.

Collaborators who do not own a license of Revu can access the files using Revu in View Mode or Vu for iPad. Or, you can send them password-protected Share Links, which allow them to download a local copy of the files.


What type of permissions are available in Studio?

Studio—which includes options for organizations to have more administrative control over their Sessions and Projects—offers varying levels of permissions, from limiting the level of collaboration for internal users to managing participants outside of the organization. Learn more here.


Do I need to own Revu to access Studio?

You can access Studio and unlock the industry-standard markup tools in Revu without owning a license of the software. Download a trial of Revu to use in View Mode, or download the free Vu app for iPad.


Studio Session and Projects Comparison

Question | Sessions | Projects
How many attendees can join? | | Unlimited
How many files can we upload? | 5, | Unlimited
What files does it support? | PDF | Any file format
How big can the files be? | 1 GB each | Unlimited
How big can the markups be? | 10 MB each | Unlimited
How much space can we use? | Unlimited | Unlimited
Can attendee access rights be managed? | Yes | Yes
Can previous file revisions be viewed and restored? | No | Yes
Can we receive notifications about file and user activity? | Yes | Yes
Can we send and receive markup alerts? | Yes | No
Do all attendees need a license of Revu? | No | No

Studio Prime

What is Studio Prime?

Studio Prime is a subscription that gives companies additional administrative and user management control over their Studio Projects and Sessions. Administrators can access Studio activity reports through the online Studio Prime Portal, as well as Folder Automations functionality and the Bluebeam Studio API for external application integrations.


Do I need to own Revu to use Studio Prime?

Yes, you need to own a seat of Revu to leverage the full benefits of Studio Prime. Studio Prime gives you access to user management capabilities, such as the ability to manage all members within their Studio Prime account, manage access to Studio Sessions and Projects content, as well as business insights from reports, through the Studio Prime Portal.


What are the different types of users within Studio Prime?

A Studio Prime subscription makes it easier to collaborate with outside vendors and project partners, giving your organization more control over each Studio participant. There are two types of users within Studio Prime: Members and Collaborators.

  • MEMBERS
    Members are users who are invited to join your Prime account. They could be employees, joint venture partners or anyone who needs to become a managed user.

  • COLLABORATORS
    Collaborators are external users that Members invite to attend managed Projects and Sessions. Collaborators could be superintendents, subcontractors or anyone who needs access to a Studio Project or Session within the Studio Prime account. Prime Administrators can control Collaborators' access to Members' managed Projects and Sessions.

When invited to the Studio Prime account, Members give Administrators the ability to manage their Studio account and associated Projects and Sessions. Collaborators, on the other hand, maintain control over their personal Studio account when joining or leaving a Project or Session within the Prime account.


How does an Administrator access the Studio Prime Portal to manage users and generate reports?

Administrators can access their Studio Prime account through the online Studio Prime Portal at manicapital.com


What is the Studio API?

The Studio API lets Studio Prime subscribers create applications to manage their Studio Projects and Sessions. These applications can leverage Studio in a number of ways, including:

  • Studio Projects and Sessions: Add and create.
  • Project folders: Add or delete Project folders and manage folder permissions.
  • Studio files: Add, update, download, and delete Project and Session files, and restore file revisions.
  • Studio users: Invite or add users to Projects and Sessions, and manage user permissions.
  • Studio permissions: Manage Project and Session permissions.
  • Session activity: Get a report on all Session activity and create chat messages in a Session.
  • Studio jobs: Execute file-processing jobs on Project files.

What is Folder Automations?

Folder Automations is a feature in Studio Projects that allows Studio Prime subscribers to streamline repetitive PDF-based workflows across a large number of users. Subscribers can automatically perform a set of predefined actions to files in a Project folder, including:

  • Converting files
  • Delete pages
  • Export form data
  • Export markups
  • Extract pages
  • Flatten
  • Add headers and footers
  • Import custom columns
  • Insert blank pages
  • Insert pages
  • Process colors
  • Reduce file size
  • Repair page content
  • Reverse pages
  • Rotate pages
  • Stamp
  • Unflatten markups
  • Create PDF/A report
  • Save as PDF/A

What are the available file conversions supported by Studio Prime’s Folder Automations?

  • DWG to PDF
  • Word to PDF
  • Excel to PDF
  • Image (JPEG, TIFF, etc.) to PDF
  • PostScript to PDF

General Questions

Can I still use my license of Revu for Mac?

While there will be no new development of additional features, you can continue to use your existing license of Revu for Mac. For more information on support options please see our support article.

The End User License Agreement for Revu for Mac is available here.


Can I install Revu on a Mac using Parallels or other virtual machine tools?

While it's possible to run Revu for Windows on a Mac via Boot Camp or Parallels, there are potential variables that may cause compatibility issues. Because of this, we can't troubleshoot or resolve user issues in these environments.


Perpetual Licensing

Perpetual Licensing is a licensing system that requires companies to purchase and register Revu on a per workstation basis using a serial number and product key. Perpetual licensing is available for Revu Standard, CAD and eXtreme and may include Maintenance.

Open Licensing

Open Licensing is an annual subscription that allows companies to authorize concurrent access to Revu eXtreme for any user in their company from a shared pool of seats. Open Licensing brings flexibility and the benefits of volume software licensing to organizations of all sizes, anytime, anywhere.

Seats may be added to an existing Open License at any time, and they will be prorated based on the renewal date. Active subscriptions are entitled to free upgrades and Maintenance, with access to our Technical Support team by phone and email as well as Bluebeam Drawings*.

*Drawings is optimized using the United States National CAD Standard® (NCS).

How does Open Licensing work?

  1. Simply launch Revu to request a seat from the Bluebeam Gateway, a web-accessible portal where licenses and Bluebeam Drawings* usage are hosted and managed.
  2. If a seat is available, the Gateway automatically allocates it to the user and authorizes Revu to run on that computer.
  3. Once all available seats are in use, the Gateway limits further requests for Revu to run.
  4. When an active user closes Revu, the Gateway automatically retrieves the seat and immediately makes it available for others to access.

*Drawings is optimized using the United States National CAD Standard® (NCS).


What are the Administrator capabilities for Open Licensing?

  • Access to the Bluebeam Gateway
  • Count active Revu users versus available seats
  • View usage trends over a selectable calendar period
  • Access historical data of overages
  • Export logs, registered computers and username data
  • Manage multiple seats through a single interface
  • Invite additional Administrators to assist in managing active users

Which versions and editions of Revu are supported by Open Licensing?

Open Licensing supports Revu eXtreme, version and above.


What happens if an Open License user loses internet access?

For situations when connectivity to the internet becomes temporarily unavailable, or if a computer is outside of the office and cannot connect, Open License seats will switch to offline mode. In offline mode, each device is granted three days to use the program before it is required to connect back to the Bluebeam Gateway.


What happens if all the seats in my Open License pool are checked out but someone urgently needs to use Revu?

Administrators have the option to log in to the Gateway and manually release any user whose status is inactive. If the Administrator releases a seat while a user is working in the program, we release the seat but also protect the active user by allowing them to continue working so that they will not lose their work. Only when they close and reopen Revu again will they need an available Open License seat to continue working with Revu.


How are upgrades within Open Licenses managed?

We understand that fully upgrading software within an organization takes time. If you own an Open License and an upgrade to the next version becomes available, both the current and new versions will continue sharing the same pool of seats. This allows for ultimate flexibility when your environment requires incremental upgrades.

Enterprise Licensing

How does Enterprise Licensing work?

An Enterprise License is a special license key of Bluebeam Revu designed to help manage computer turnover. It does two things:

  1. Automatically releases registered computers that have failed to communicate with our licensing server for 15 days.
  2. Provides a temporary 5% overage of the total number of allowed installations.

In other words, once a machine takes up a seat by registering to an Enterprise License, it will periodically ping Bluebeam's Licensing Server to confirm that it is still active. If the machine fails to communicate with the server for a period of 15 days, it will automatically be released from the license key, freeing up the seat to be registered to another machine. The 5% overage, or cushion, allows for the lag time between re-imaging workstations or releasing inactive seats. If you exceed the overage allowance, an "exceeded licenses" warning will appear, and further installations will be restricted.

The benefit of Enterprise Licensing is that there’s no longer a need to manually uninstall or release seats from workstations that are being transferred, phased out or re-imaged, which ensures that your licensed seats are fully utilized. You can view or manage your Enterprise License at any time through our web portal, the Bluebeam Gateway.


What are the Administrator capabilities for Enterprise Licensing?

  • Access to the Bluebeam Gateway
  • Count active Revu users versus available seats
  • Manage multiple seats through a single interface
  • Invite additional Administrators to assist in managing active users

How do I know if I have used all my licenses? Is there a charge for going over?

With an Enterprise License, you gain access to the Bluebeam Gateway, a web portal for viewing and managing both Enterprise and Open Licenses. The Bluebeam Gateway allows you to view how many seats of each version and edition you own, how many computers, or "seats," are registered to each license, and which computers they are.

As long as your total number of registered machines per edition does not exceed the total number of seats allowed for a period of more than 30 days, you won't be further charged. If you are approaching or exceeding your limit, you can purchase additional seats or unregister licenses from computers as needed. Any new seats purchased may take up to 24 hours to update and appear in the Gateway.


I logged in to the Bluebeam Gateway and I can’t find what I’m looking for.

We’ve recently consolidated individual licenses into single accounts tied to organizational domain names to provide a simpler and more customer-friendly experience. Please reference our support article for more information.


Why can’t I access the Bluebeam Gateway with my existing login information?

As we strive to provide a better customer experience, we’ve created Bluebeam ID, which allows users to seamlessly access multiple Bluebeam applications, including Bluebeam Gateway and Studio. To get you set up, we’ve sent out an email to the Gateway admin listed in our system to create a Bluebeam ID. Please remember to check your spam folder. If you can’t find the email or are still having trouble, please reference our support article.


What is a Bluebeam ID (BBID)?

Bluebeam ID is the login that allows you to seamlessly access multiple Bluebeam applications, including Bluebeam Gateway, Studio and Bluebeam Drawings*. If you already have a Studio account, you can use the same email address and password for your Bluebeam ID. If you do not use Studio, you can use the email address associated with your existing Gateway account to create a Bluebeam ID.

*Drawings is optimized using the United States National CAD Standard® (NCS).


How do I qualify for Enterprise Licensing?

There are a couple requirements for Enterprise Licensing. First, your licenses must be consolidated into a single license key by product. Second, your annual Maintenance must be current and maintained. Please note, Enterprise Licenses are not intended for Citrix or other terminal server environments.


How much does Enterprise Licensing cost and how can I find out more?

For information about Enterprise Licensing, contact us.


General Questions

What is Maintenance?

Maintenance is an add-on available when you buy Revu that gives you:

  • Direct phone and email access to our experienced Technical Support team
  • Free upgrades to the latest version of Revu within one year of purchase
  • The ability to easily upload and distribute mobile-optimized drawings to any device in the field with Bluebeam Drawings*

You can learn more about Maintenance here.

*Drawings is optimized using the United States National CAD Standard® (NCS).


How do I buy Maintenance?

Maintenance is available in our web store at the time of purchase and is renewable annually. Forget to add it to your purchase of Revu? Let us know.

How do I buy Maintenance?

Maintenance is available at the time of purchase and is renewable annually. Forget to add it to your purchase of Revu? Let us know or contact your reseller.

What is Maintenance?

Maintenance is an add-on available when you buy Revu that gives you:

  • Direct phone and email access to our experienced Technical Support team
  • Free upgrades to the latest version of Revu
  • The ability to easily upload and distribute mobile-optimized drawings to any device in the field with Bluebeam Drawings*

You can learn more about Maintenance here.

*Drawings is optimized using the United States National CAD Standard® (NCS).



Bluebeam University

Does Bluebeam offer any self-guided training?

For users interested in self-guided training coursework, Bluebeam offers Bluebeam University where you can get an in-depth, comprehensive education of typical Revu workflows at a pace that fits your schedule.

For more information, visit the Bluebeam University page.

Instructor-Led Training

We feel like we’re only scratching the surface of Bluebeam. Where do we start?

We offer a variety of custom training options to help you get the most out of Revu. Our web and on-site training options both feature experienced, knowledgeable live instructors. On-site training is a full day minimum and includes hands-on exercises where you can practice by “clicking along” with the instructor and ask questions as you go. Web-based training also includes a live instructor, but courses are limited to two hours. While there are no exercises, you can still ask the instructor questions via a chat panel.

For a more flexible pace, Bluebeam University is a self-guided, online course where you can learn Revu at your own speed.

If you want to go a bit deeper with Revu to transform workflows across your organization, email us at training@manicapital.com to find out more about our Professional Services option.


How much does training cost and how many people can I get trained at one time?

For on-site and web training pricing information, please see our pricing list. Web training allows for up to connections per course. As for on-site training, we recommend no more than 15 people per instructor, but can accommodate up to

For Bluebeam University pricing, check out our packages. Bluebeam University is sold on a per user, per year basis, and there’s no limit to how many users can enroll.

Bluebeam Certified Instructor Training

What do I need to become a Bluebeam Certified Instructor (BCI)?

The most important prerequisite to becoming a Bluebeam Certified Instructor is extensive knowledge of Revu. Experience with teaching or training is helpful, but not necessary; during the three days of BCI training we’ll devote significant time to learning training skills.

Once you’ve completed the course, you’ll need to pass a BCI exam, where your teaching session of Revu is evaluated by Bluebeam Instructors.


Orders

What payment methods do you accept?

For web store purchases, we accept Visa, MasterCard and American Express.
To place a purchase order with net 30 payment terms, please email a formal PO as an attachment to sales@manicapital.com You may also fax it to Please allow up to one business day for your order to be processed.


What is my order status?

You should receive your Revu license information soon after purchase. In some cases, your order may require manual review. If this is the case, you will be contacted by a Bluebeam representative within the next business day.


I received my license key, but I am still waiting for my receipt. When will I receive it?

You will receive an emailed receipt once payment has been processed, typically within one business day.


I can’t find my license key information. What should I do?

The license information is emailed from registration@manicapital.com Please check your spam/junk folder if you don't see it. If you still can’t find it, email us at sales@manicapital.com or call us at Opt. 1 for assistance.


How do I get a copy of the receipt?

Please contact sales@manicapital.com For a faster response, please include your license information and the order number.

Support

How do I download my purchase?

You can download all Revu products here, including legacy releases. If you already made a purchase, please make sure your download is the same as your purchase.


How do I get technical support for my product?

Visit our Support website. The site includes numerous technical support articles and video tutorials that may provide answers to your questions. You can also submit a support ticket here.

Returns

Returning a product purchased directly from Bluebeam

We will happily exchange or refund any product purchased directly from the Bluebeam web store or a Bluebeam representative if a request is made within 30 days of the purchase date.

Make sure your computer is connected to the internet. If you are offline, you will not be able to unregister your license key, and the Bluebeam representative will not be able to process your refund.

To unregister the product you wish to exchange or return:

Go to Programs > Bluebeam Software > Bluebeam Administrator and select the Tools menu. Click Unregister to release your license key.

- OR -

Go to Start > Control Panel > Add or Remove Programs and select the Bluebeam product you would like to return from the list. Follow the steps to completely uninstall the product, and your license key will be released automatically.

Note: The steps listed above are only valid for Windows 7

Contact Bluebeam Customer Service with the following information:

  • Your name, email and phone number
  • The product you're returning
  • The serial number or Cash Sale number
  • The reason for the return
  • The purchase price

A Bluebeam representative will verify that your license is not in use, void your license certificate and process your refund within one business day.

Note: Credit card purchases will be refunded to the same credit card used for the original purchase. A purchase order will be refunded or issued a credit depending on the status of payment.


Returning Bluebeam products purchased through an Authorized Reseller

To return a Bluebeam product you purchased through an Authorized Reseller, you must contact the reseller to process your refund. The reseller may exchange or refund the purchase according to their return policy or within 30 days of the purchase date—whichever is earlier.


Bluebeam does not accept returns for the following types of products:

Not-for-resale (NFR), Trial, OEM bundled, pirated, or free products or versions, Online Service Subscriptions or Maintenance renewals, products purchased from an online auction site or from an individual, and products or versions of products that Bluebeam no longer distributes or supports.


Copyright © - Bluebeam, Inc. All Rights Reserved | Bluebeam is part of the Nemetschek Group


SSH (Secure Shell)

Cryptographic network protocol

Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network.[1] Typical applications include remote command-line, login, and remote command execution, but any network service can be secured with SSH.

SSH provides a secure channel over an unsecured network by using a client–server architecture, connecting an SSH client application with an SSH server.[2] The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2. The standard TCP port for SSH is 22. SSH is generally used to access Unix-like operating systems, but it can also be used on Microsoft Windows. Windows 10 uses OpenSSH as its default SSH client and SSH server.[3]

Despite popular misconception, SSH is not an implementation of Telnet with cryptography provided by the Secure Sockets Layer (SSL).

SSH was designed as a replacement for Telnet and for unsecured remote shell protocols such as the Berkeley rsh and the related rlogin and rexec protocols. Those protocols send information, notably passwords, in plaintext, rendering them susceptible to interception and disclosure using packet analysis.[4] The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet, although files leaked by Edward Snowden indicate that the National Security Agency can sometimes decrypt SSH, allowing them to read, modify and selectively suppress the contents of SSH sessions.[5]

SSH can also be run using SCTP rather than TCP as the connection oriented transport layer protocol.[6]

The IANA has assigned TCP port 22, UDP port 22 and SCTP port 22 for this protocol.[7]

Definition

SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user, if necessary.[2] There are several ways to use SSH; one is to use automatically generated public-private key pairs to simply encrypt a network connection, and then use password authentication to log on.

Another is to use a manually generated public-private key pair to perform the authentication, allowing users or programs to log in without having to specify a password. In this scenario, anyone can produce a matching pair of different keys (public and private). The public key is placed on all computers that must allow access to the owner of the matching private key (the owner keeps the private key secret). While authentication is based on the private key, the key itself is never transferred through the network during authentication. SSH only verifies whether the same person offering the public key also owns the matching private key. In all versions of SSH it is important to verify unknown public keys, i.e. associate the public keys with identities, before accepting them as valid. Accepting an attacker's public key without validation will authorize an unauthorized attacker as a valid user.

Authentication: OpenSSH key management

On Unix-like systems, the list of authorized public keys is typically stored in the home directory of the user that is allowed to log in remotely, in the file ~/.ssh/authorized_keys.[8] This file is respected by SSH only if it is not writable by anything apart from the owner and root. When the public key is present on the remote end and the matching private key is present on the local end, typing in the password is no longer required. However, for additional security the private key itself can be locked with a passphrase.
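The ownership and write-permission rule for `~/.ssh/authorized_keys` can be audited across accounts. The following is an added example, not OpenSSH's own code: it approximates the rule described above by checking the home directory, `~/.ssh` and the key file, and the helper names and the throwaway directory it builds are assumptions made for the illustration.

```python
import os
import stat
import tempfile


def check_path(path, allowed_uids):
    """Return a finding string for one path, or None if it passes."""
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return f"{path}: missing"
    if st.st_uid not in allowed_uids:
        return f"{path}: owned by uid {st.st_uid}"
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        mode = stat.S_IMODE(st.st_mode)
        return f"{path}: mode {mode:04o} is group/world writable"
    return None


def audit_authorized_keys(home, account_uid):
    """Check home, ~/.ssh and ~/.ssh/authorized_keys for one account.

    A writable directory is as bad as a writable file: whoever can write to
    ~/.ssh can replace authorized_keys outright.
    """
    allowed = {0, account_uid}  # root or the account itself
    ssh_dir = os.path.join(home, ".ssh")
    paths = [home, ssh_dir, os.path.join(ssh_dir, "authorized_keys")]
    findings = [check_path(p, allowed) for p in paths]
    return [f for f in findings if f]


def build_constructed_home(key_file_mode):
    """Create a throwaway home directory (constructed test data)."""
    home = tempfile.mkdtemp(prefix="constructed-home-")
    ssh_dir = os.path.join(home, ".ssh")
    os.mkdir(ssh_dir)
    os.chmod(home, 0o755)
    os.chmod(ssh_dir, 0o700)
    key_file = os.path.join(ssh_dir, "authorized_keys")
    with open(key_file, "w") as fh:
        # Placeholder entry, not a real key.
        fh.write("ssh-ed25519 AAAA...constructed user@example\n")
    os.chmod(key_file, key_file_mode)
    return home


if __name__ == "__main__":
    uid = os.getuid()
    for mode in (0o600, 0o664):
        home = build_constructed_home(mode)
        for finding in audit_authorized_keys(home, uid) or ["ok"]:
            print(f"{mode:04o}", finding)
```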

The private key can also be looked for in standard places, and its full path can be specified as a command line setting (the option -i for ssh). The ssh-keygen utility produces the public and private keys, always in pairs.

SSH also supports password-based authentication that is encrypted by automatically generated keys. In this case, the attacker could imitate the legitimate server side, ask for the password, and obtain it (man-in-the-middle attack). However, this is possible only if the two sides have never authenticated before, as SSH remembers the key that the server side previously used. The SSH client raises a warning before accepting the key of a new, previously unknown server. Password authentication can be disabled.

Usage

SSH is typically used to log into a remote machine and execute commands, but it also supports tunneling, forwarding TCP ports and X11 connections; it can transfer files using the associated SSH file transfer (SFTP) or secure copy (SCP) protocols.[2] SSH uses the client-server model.

The standard TCP port 22 has been assigned for contacting SSH servers.[9]

An SSH client program is typically used for establishing connections to an SSH daemon accepting remote connections. Both are commonly present on most modern operating systems, including macOS, most distributions of Linux, OpenBSD, FreeBSD, NetBSD, Solaris and OpenVMS. Notably, versions of Windows prior to Windows 10 version do not include SSH by default. Proprietary, freeware and open source (e.g. PuTTY,[10] and the version of OpenSSH which is part of Cygwin[11]) versions of various levels of complexity and completeness exist. File managers for UNIX-like systems (e.g. Konqueror) can use the FISH protocol to provide a split-pane GUI with drag-and-drop. The open source Windows program WinSCP[12] provides similar file management (synchronization, copy, remote delete) capability using PuTTY as a back-end. Both WinSCP[13] and PuTTY[14] are available packaged to run directly off a USB drive, without requiring installation on the client machine. Setting up an SSH server in Windows typically involves enabling a feature in Settings app. In Windows 10 version , an official Win32 port of OpenSSH is available.

SSH is important in cloud computing to solve connectivity problems, avoiding the security issues of exposing a cloud-based virtual machine directly on the Internet. An SSH tunnel can provide a secure path over the Internet, through a firewall to a virtual machine.[15]

History and development

Version 1.x

In , Tatu Ylönen, a researcher at Helsinki University of Technology, Finland, designed the first version of the protocol (now called SSH-1) prompted by a password-sniffing attack at his university network.[16] The goal of SSH was to replace the earlier rlogin, TELNET, FTP[17] and rsh protocols, which did not provide strong authentication nor guarantee confidentiality. Ylönen released his implementation as freeware in July , and the tool quickly gained in popularity. Towards the end of , the SSH user base had grown to 20, users in fifty countries.

In December , Ylönen founded SSH Communications Security to market and develop SSH. The original version of the SSH software used various pieces of free software, such as GNU libgmp, but later versions released by SSH Communications Security evolved into increasingly proprietary software.

It was estimated that by the year the number of users had grown to 2 million.[18]

Version 2.x

"Secsh" was the official Internet Engineering Task Force's (IETF) name for the IETF working group responsible for version 2 of the SSH protocol.[19] In , a revised version of the protocol, SSH-2, was adopted as a standard. This version is incompatible with SSH-1. SSH-2 features both security and feature improvements over SSH-1. Better security, for example, comes through Diffie–Hellman key exchange and strong integrity checking via message authentication codes. New features of SSH-2 include the ability to run any number of shell sessions over a single SSH connection.[20] Due to SSH-2's superiority and popularity over SSH-1, some implementations such as libssh (v+),[21] Lsh[22] and Dropbear[23] support only the SSH-2 protocol.

Version

In January , well after version was established, RFC specified that an SSH server which supports both and prior versions of SSH should identify its protoversion as [24] This is not an actual version but a method to identify backward compatibility.

OpenSSH and OSSH

In , developers, wanting a free software version to be available, went back to the older release of the original SSH program, which was the last released under an open source license. Björn Grönvall's OSSH was subsequently developed from this codebase. Shortly thereafter, OpenBSD developers forked Grönvall's code and did extensive work on it, creating OpenSSH, which shipped with the release of OpenBSD. From this version, a "portability" branch was formed to port OpenSSH to other operating systems.[25]

As of [update], OpenSSH was the single most popular SSH implementation, coming by default in a large number of operating systems. OSSH meanwhile has become obsolete.[26] OpenSSH continues to be maintained and supports the SSH-2 protocol, having expunged SSH-1 support from the codebase with the OpenSSH release.

Uses

Example of tunneling an X11 application over SSH: the user 'josh' has SSHed from the local machine 'foofighter' to the remote machine 'tengwar' to run xeyes.

SSH is a protocol that can be used for many applications across many platforms including most Unix variants (Linux, the BSDs including Apple's macOS, and Solaris), as well as Microsoft Windows. Some of the applications below may require features that are only available or compatible with specific SSH clients or servers. For example, using the SSH protocol to implement a VPN is possible, but presently only with the OpenSSH server and client implementation.

  • For login to a shell on a remote host (replacing Telnet and rlogin)
  • For executing a single command on a remote host (replacing rsh)
  • For setting up automatic (passwordless) login to a remote server (for example, using OpenSSH[27])
  • In combination with rsync to back up, copy and mirror files efficiently and securely
  • For forwarding a port
  • For tunneling (not to be confused with a VPN, which routes packets between different networks, or bridges two broadcast domains into one).
  • For use as a full-fledged encrypted VPN. Note that only the OpenSSH server and client support this feature.
  • For forwarding X from a remote host (possible through multiple intermediate hosts)
  • For browsing the web through an encrypted proxy connection with SSH clients that support the SOCKS protocol.
  • For securely mounting a directory on a remote server as a filesystem on a local computer using SSHFS.
  • For automated remote monitoring and management of servers through one or more of the mechanisms discussed above.
  • For development on a mobile or embedded device that supports SSH.
  • For securing file transfer protocols.

File transfer protocols

The Secure Shell protocols are used in several file transfer mechanisms.

Architecture

Diagram of the SSH-2 binary packet.

The SSH-2 protocol has an internal architecture (defined in RFC ) with well-separated layers, namely:

  • The transport layer (RFC ), which typically runs on top of TCP/IP. This layer handles initial key exchange as well as server authentication, and sets up encryption, compression and integrity verification. It exposes to the upper layer an interface for sending and receiving plaintext packets with sizes of up to 32, bytes each (more can be allowed by the implementation). The transport layer also arranges for key re-exchange, usually after 1 GB of data has been transferred or after 1 hour has passed, whichever occurs first.
  • The user authentication layer (RFC ). This layer handles client authentication and provides a number of authentication methods. Authentication is client-driven: when one is prompted for a password, it may be the SSH client prompting, not the server. The server merely responds to the client's authentication requests. Widely used user-authentication methods include the following:
    • password: a method for straightforward password authentication, including a facility allowing a password to be changed. Not all programs implement this method.
    • publickey: a method for public key-based authentication, usually supporting at least DSA, ECDSA or RSA keypairs, with other implementations also supporting X certificates.
    • keyboard-interactive (RFC ): a versatile method where the server sends one or more prompts to enter information and the client displays them and sends back responses keyed-in by the user. Used to provide one-time password authentication such as S/Key or SecurID. Used by some OpenSSH configurations when PAM is the underlying host-authentication provider to effectively provide password authentication, sometimes leading to inability to log in with a client that supports just the plain password authentication method.
    • GSSAPI authentication methods which provide an extensible scheme to perform SSH authentication using external mechanisms such as Kerberos 5 or NTLM, providing single sign-on capability to SSH sessions. These methods are usually implemented by commercial SSH implementations for use in organizations, though OpenSSH does have a working GSSAPI implementation.
  • The connection layer (RFC ). This layer defines the concept of channels, channel requests and global requests using which SSH services are provided. A single SSH connection can host multiple channels simultaneously, each transferring data in both directions. Channel requests are used to relay out-of-band channel-specific data, such as the changed size of a terminal window or the exit code of a server-side process. Additionally, each channel performs its own flow control using the receive window size. The SSH client requests a server-side port to be forwarded using a global request. Standard channel types include:
    • shell for terminal shells, SFTP and exec requests (including SCP transfers)
    • direct-tcpip for client-to-server forwarded connections
    • forwarded-tcpip for server-to-client forwarded connections
  • The SSHFP DNS record (RFC ) provides the public host key fingerprints in order to aid in verifying the authenticity of the host.

This open architecture provides considerable flexibility, allowing the use of SSH for a variety of purposes beyond a secure shell. The functionality of the transport layer alone is comparable to Transport Layer Security (TLS); the user-authentication layer is highly extensible with custom authentication methods; and the connection layer provides the ability to multiplex many secondary sessions into a single SSH connection, a feature comparable to BEEP and not available in TLS.
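Verifying an unknown host key before accepting it, and publishing its fingerprint through an SSHFP record, both reduce to hashing the public key blob. The following added example (not part of the original article or of any SSH implementation) computes the SHA-256 fingerprint in the `SHA256:` form printed by OpenSSH, renders an SSHFP record, and compares an offered key against a pinned fingerprint; the key material, host name and helper names are constructed for the illustration.

```python
import base64
import hashlib
import hmac
import struct

# SSHFP algorithm numbers from the IANA registry; fingerprint type 2 is SHA-256.
SSHFP_ALGORITHM = {"ssh-rsa": 1, "ssh-dss": 2,
                   "ecdsa-sha2-nistp256": 3, "ssh-ed25519": 4}


def ssh_string(data: bytes) -> bytes:
    """Encode an SSH 'string': 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data


def parse_public_key_line(line: str):
    """Split '<type> <base64> [comment]' and check the blob agrees with the type."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<key-type> <base64-blob> [comment]'")
    key_type = fields[0]
    blob = base64.b64decode(fields[1], validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode():
        raise ValueError("declared key type does not match the key blob")
    return key_type, blob


def fingerprint_sha256(blob: bytes) -> str:
    """Fingerprint in the 'SHA256:<unpadded base64>' form."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def sshfp_record(hostname: str, key_type: str, blob: bytes) -> str:
    """Render the DNS record: <algorithm> <fingerprint type> <hex digest>."""
    algorithm = SSHFP_ALGORITHM[key_type]
    return f"{hostname}. IN SSHFP {algorithm} 2 {hashlib.sha256(blob).hexdigest()}"


def matches_pin(offered_line: str, pinned_fingerprint: str) -> bool:
    """True only if the offered key hashes to the fingerprint pinned earlier."""
    _, blob = parse_public_key_line(offered_line)
    return hmac.compare_digest(fingerprint_sha256(blob), pinned_fingerprint)


def constructed_key_line(seed: int) -> str:
    """Build a syntactically valid ssh-ed25519 line from dummy bytes (not a real key)."""
    raw = bytes((seed + i) % 256 for i in range(32))
    blob = ssh_string(b"ssh-ed25519") + ssh_string(raw)
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " constructed@example"


if __name__ == "__main__":
    known = constructed_key_line(1)
    key_type, blob = parse_public_key_line(known)
    pin = fingerprint_sha256(blob)
    print(pin)
    print(sshfp_record("host.example", key_type, blob))
    print("same key:", matches_pin(known, pin))
    print("different key:", matches_pin(constructed_key_line(2), pin))
```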

Algorithms

Vulnerabilities

SSH-1

In , a vulnerability was described in SSH which allowed the unauthorized insertion of content into an encrypted SSH stream due to insufficient data integrity protection from CRC used in this version of the protocol.[33][34] A fix known as SSH Compensation Attack Detector[35] was introduced into most implementations. Many of these updated implementations contained a new integer overflow vulnerability[36] that allowed attackers to execute arbitrary code with the privileges of the SSH daemon, typically root.

In January a vulnerability was discovered that allows attackers to modify the last block of an IDEA-encrypted session.[37] The same month, another vulnerability was discovered that allowed a malicious server to forward a client authentication to another server.[38]

Since SSH-1 has inherent design flaws which make it vulnerable, it is now generally considered obsolete and should be avoided by explicitly disabling fallback to SSH-1.[38] Most modern servers and clients support SSH-2.[39]

CBC plaintext recovery

In November , a theoretical vulnerability was discovered for all versions of SSH which allowed recovery of up to 32 bits of plaintext from a block of ciphertext that was encrypted using what was then the standard default encryption mode, CBC.[40] The most straightforward solution is to use CTR, counter mode, instead of CBC mode, since this renders SSH resistant to the attack.[40]
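The mitigations named in this section (no SSH-1 fallback, CTR instead of CBC ciphers) and the earlier remark that password authentication can be disabled can be checked against a server configuration. This is an added example, not code from OpenSSH or the article: it parses `sshd_config`-style text and reports those three settings; both sample configurations are constructed, the finding labels are made up for the illustration, and `Match` blocks are deliberately left out of scope.

```python
import re

# Constructed samples, not taken from a real host.
WEAK_CONFIG = """\
# legacy settings
Protocol 2,1
Ciphers aes128-cbc,3des-cbc,aes128-ctr
PasswordAuthentication yes
"""

HARDENED_CONFIG = """\
Protocol 2
Ciphers aes128-ctr,aes192-ctr,aes256-ctr
PasswordAuthentication no
PubkeyAuthentication yes
"""

LINE = re.compile(r"^(\w+)(?:\s*=\s*|\s+)(.+)$")


def parse_sshd_config(text):
    """Return {lowercased keyword: value}; the first occurrence of a keyword wins."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = LINE.match(line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":
            break  # conditional blocks are out of scope for this example
        settings.setdefault(key, value)
    return settings


def audit(text):
    """Return (label, detail) findings for the three settings discussed."""
    cfg = parse_sshd_config(text)
    findings = []

    protocols = [p.strip() for p in cfg.get("protocol", "2").split(",")]
    if "1" in protocols:
        findings.append(("ssh1-enabled", "Protocol " + cfg["protocol"]))

    ciphers = cfg.get("ciphers", "")
    # A leading '-' removes ciphers from the default set, so nothing is enabled by it.
    if ciphers and not ciphers.startswith("-"):
        names = [c.strip() for c in ciphers.lstrip("+^").split(",")]
        cbc = [c for c in names if "-cbc" in c]
        if cbc:
            findings.append(("cbc-cipher", ", ".join(cbc)))

    # OpenSSH treats password authentication as enabled when the keyword is absent.
    if cfg.get("passwordauthentication", "yes").lower() == "yes":
        findings.append(("password-auth", "PasswordAuthentication is enabled"))
    return findings


if __name__ == "__main__":
    for name, text in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit(text) or "no findings")
```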

Possible vulnerabilities

On December 28, Der Spiegel published classified information[5] leaked by whistleblower Edward Snowden which suggests that the National Security Agency may be able to decrypt some SSH traffic. The technical details associated with such a process were not disclosed.

An analysis in of the hacking tools BothanSpy & Gyrfalcon suggested that the SSH protocol itself was not compromised.[41]

Standards documentation

The following RFC publications by the IETF "secsh" working group document SSH-2 as a proposed Internet standard.

  • RFC - The Secure Shell (SSH) Protocol Assigned Numbers
  • RFC - The Secure Shell (SSH) Protocol Architecture
  • RFC - The Secure Shell (SSH) Authentication Protocol
  • RFC - The Secure Shell (SSH) Transport Layer Protocol
  • RFC - The Secure Shell (SSH) Connection Protocol
  • RFC - Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints
  • RFC - Generic Message Exchange Authentication for the Secure Shell Protocol (SSH)
  • RFC - The Secure Shell (SSH) Session Channel Break Extension
  • RFC - The Secure Shell (SSH) Transport Layer Encryption Modes
  • RFC - Improved Arcfour Modes for the Secure Shell (SSH) Transport Layer Protocol

It was later modified and expanded by the following publications.

  • RFC - Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol (March )
  • RFC - RSA Key Exchange for the Secure Shell (SSH) Transport Layer Protocol (March )
  • RFC - Generic Security Service Application Program Interface (GSS-API) Authentication and Key Exchange for the Secure Shell (SSH) Protocol (May )
  • RFC - The Secure Shell (SSH) Public Key File Format (November )
  • RFC - Secure Shell Public Key Subsystem (March )
  • RFC - AES Galois Counter Mode for the Secure Shell Transport Layer Protocol (August )
  • RFC - Elliptic Curve Algorithm Integration in the Secure Shell Transport Layer (December )
  • RFC - Xv3 Certificates for Secure Shell Authentication (March )
  • RFC - Suite B Cryptographic Suites for Secure Shell (SSH) (May )
  • RFC - Use of the SHA Algorithm with RSA, Digital Signature Algorithm (DSA), and Elliptic Curve DSA (ECDSA) in SSHFP Resource Records (April )
  • RFC - SHA-2 Data Integrity Verification for the Secure Shell (SSH) Transport Layer Protocol (July )
  • RFC - Ed SSHFP Resource Records (March )
  • RFC - Secure Shell Transport Model for the Simple Network Management Protocol (SNMP) (June )
  • RFC - Using the NETCONF Protocol over Secure Shell (SSH) (June )
  • draft-gerhards-syslog-transport-ssh - SSH transport mapping for SYSLOG (July )
  • draft-ietf-secsh-filexfer - SSH File Transfer Protocol (July )

In addition, the OpenSSH project includes several vendor protocol specifications/extensions:

References

  1. T. Ylonen; C. Lonvick (January ). The Secure Shell (SSH) Protocol Architecture. Network Working Group of the IETF. doi/RFC RFC
  2. Network Working Group of the IETF, January , RFC , The Secure Shell (SSH) Authentication Protocol
  3. "OpenSSH in Windows". Microsoft Docs. 7 January
  4. "SSH Hardens the Secure Shell". manicapital.com. Archived from the original on
  5. "Prying Eyes: Inside the NSA's War on Internet Security". Spiegel Online. December 28, Archived from the original on January 24,
  6. Seggelmann, R.; Tuxen, M.; Rathgeb, E.P. (18–20 July ). "SSH over SCTP — Optimizing a multi-channel protocol by adapting it to SCTP". Communication Systems, Networks & Digital Signal Processing (CSNDSP), 8th International Symposium on: 1–6. doi/CSNDSP
  7. "Service Name and Transport Protocol Port Number Registry".
  8. "How To Set Up Authorized Keys". Archived from the original on
  9. "Service Name and Transport Protocol Port Number Registry". manicapital.com. Archived from the original on
  10. "Download PuTTY - a free SSH and telnet client for Windows". manicapital.com Archived from the original on Retrieved
  11. "Cygwin Package List". Retrieved January 5,
  12. "WinSCP home page". Archived from the original on
  13. "WinSCP page for manicapital.com". Archived from the original on
  14. "PuTTY page for manicapital.com". Archived from the original on
  15. Amies, A; Wu, C F; Wang, G C; Criveti, M (). "Networking on the cloud". IBM developerWorks. Archived from the original on
  16. Tatu Ylönen. "The new skeleton key: changing the locks in your network environment". Archived from the original on
  17. Tatu Ylönen. "SSH Port". Archived from the original on
  18. Nicholas Rosasco and David Larochelle. "How and Why More Secure Technologies Succeed in Legacy Markets: Lessons from the Success of SSH" (PDF). Quoting Barrett and Silverman, SSH, the Secure Shell: The Definitive Guide, O'Reilly & Associates (). Dept. of Computer Science, Univ. of Virginia. Archived (PDF) from the original on Retrieved
  19. "Secsh Protocol Documents". VanDyke Software, Inc. Archived from the original on
  20. "SSH Frequently Asked Questions". Archived from the original on
  21. "libssh".
  22. "A GNU implementation of the Secure Shell protocols". Archived from the original on
  23. "Dropbear SSH". Archived from the original on
  24. "RFC ". Section 5. Compatibility With Old SSH Versions. Archived from the original on , IETF
  25. "OpenSSH: Project History and Credits". manicapital.com Archived from the original on Retrieved
  26. "OSSH Information for VU#". Archived from the original on
  27. Sobell, Mark (). A Practical Guide to Linux Commands, Editors, and Shell Programming (3rd Edition). Upper Saddle River, NJ: Prentice Hall.
  28. RFC
  29. Stebila, D.; Green J. (December ). "RFC - Elliptic Curve Algorithm Integration in the Secure Shell Transport Layer". Archived from the original on 19 July Retrieved 12 November
  30. Miller, D.; Valchev, P. (September 3, ). "The use of UMAC in the SSH Transport Layer Protocol / draft-miller-secsh-umactxt". Archived from the original on 19 August Retrieved 12 November
  31. RFC
  32. RFC
  33. "SSH Insertion Attack". Core Security Technologies. Archived from the original on
  34. "Vulnerability Note VU# - Weak CRC allows packet injection into SSH sessions encrypted with block ciphers". US CERT. Archived from the original on
  35. "SSH CRC Compensation Attack Detector Vulnerability". SecurityFocus. Archived from the original on
  36. "Vulnerability Note VU# - SSH CRC32 attack detection code contains remote integer overflow". US CERT. Archived from the original on
  37. "Vulnerability Note VU# - Weak CRC allows last block of IDEA-encrypted SSH packet to be changed without notice". US CERT. Archived from the original on
  38. "Vulnerability Note VU# - SSH-1 allows client authentication to be forwarded by a malicious server to another server". US CERT. Archived from the original on
  39. "How to use SSH keys for authentication". Up Cloud. Retrieved 29 November
  40. "Vulnerability Note VU# - SSH CBC vulnerability". US CERT. Archived from the original on
  41. Tatu Ylonen. "BothanSpy & Gyrfalcon - Analysis of CIA hacking tools for SSH", manicapital.com, 3 August Retrieved 15 July