Upgrade to v6.2.21 now (and be safe from the Terrapin Attack)

Every once in a while something happens that shakes up an entire industry. This is one such time.

The Terrapin Attack (CVE-2023-48795) affected practically every SSH server from every vendor on the planet. And though the bug wasn’t in our own code, we inherited it from Go’s ssh package, so our server software ended up being affected as well.

Kudos to the Go developers who identified and fixed the issue before the CVE was even made public! We will be forever grateful to them, as their timeliness allowed us to release v6.2.21 before this problem affected any of our customers.

We did our part, now it’s all up to you: to make sure your Syncplify Server! is protected from the Terrapin Attack, please, upgrade to v6.2.21+ with the utmost level of urgency. Thank you!

More than 100,000 attacks on V6. Zero hacks.

This is mostly an update to a previous post we published some time ago.

Our honeypot Syncplify Server! V6 has been up for about a month now, while we work hard on developing the management UIs, and it has received more than 100K attacks thus far: 114,671 at the time this post is being written, to be precise.

The good (very good, actually) news is that none of those attacks has yielded any result to the attackers. Nothing. Nichts. Nada.

They tried.

They failed.

Syncplify Server! V6 wins. 🙂

V6 is safer than ever

We just ran the full suite of updated metasploit tests against the latest Syncplify Server! V6 alpha, and we’re happy to announce that our new version withstood all attacks without even breaking a sweat.

The new and improved ProtectorTM was able to identify all known and unknown attacks, add all attacking IP addresses to the block-list, without ever using more than 0.28% of the VM’s combined vCPU core capacity.