|
|
|
Features Introduced in Reflection for Secure IT UNIX Server 6.0
Technical Note 1902
Last Reviewed 31-May-2006
Applies To
Reflection for Secure IT UNIX Server version 6.0
Summary
Technical Note 1902
Last Reviewed 31-May-2006
Applies To
Reflection for Secure IT UNIX Server version 6.0
Summary
This document lists the features introduced in and platform support in Reflection for Secure IT UNIX Server version 6.0.
Note the following:
- Reflection for Secure IT version 7.0 is available beginning in February 2008. For a list of new features in 7.0, see Technical Note 2274. For information about purchasing Reflection for Secure IT, please e-mail us: SalesRecept@attachmate.com.
- Beginning with version 6.0, the F-Secure SSH product line has a new name: Reflection for Secure IT.
This note is divided into the following topics:
Reflection for Secure IT Server Security Vulnerability Update
Features Introduced in Version 6.0
Supported Platforms
Product Manual
Technical Support
Features Introduced in Version 6.0
Supported Platforms
Product Manual
Technical Support
Reflection for Secure IT Server Security Vulnerability Update
A security vulnerability, which affects Reflection for Secure IT UNIX Server version 6.x, was fixed in Reflection for Secure IT UNIX Server version 6.0.0.9.
This build fixes a format string vulnerability in sftp server logging. Without this fix, a remote attacker may be able to execute arbitrary code via the user's privileges if they can persuade an authenticated SSH user to stat a specially-crafted file. A malicious authenticated user could also launch a denial-of-service attack against the SSH server.
For more information, please see Technical Note 1882.
Features Introduced in Version 6.0
The following features were added in version 6.0 of Reflection for Secure IT UNIX Server.
- Event log for maximum password attempts.
The server now logs data indicating when the number of maximum password attempts has been exceeded for a user. See the product manual (Chapter 1) for details.
- Certified compliance with the DoD PKI.
Version 6.0 of the Reflection SSH UNIX server supports the DoD PKI (Department of Defense Public Key Infrastructure), a fundamental component of the Department of Defense’s Net-Centric vision, which is essential to providing enhanced Information Assurance and Identity Management capabilities. Reflection for Secure IT UNIX Server was certified in 2005 at DISA’s JITC PKI Certification Lab.
- A new ssh-certtool is available. You can use ssh-certtool to create PKCS#10 certificate requests, including specification of the Subject Alternative Name extensions.
- The ssh-certenroll2 tool has been renamed to ssh-cmpclient.
- The ssh-certview tool has been extended to be able to display more certificate extensions.
- The Reflection SSH UNIX server is compatible with OpenSSH scp.
- Key codes are no longer required for installation.
- Time-limited evaluation is extended.
If you are considering purchasing Reflection for Secure IT, you can now obtain an evaluation version and use it for up to 60 days. To request an evaluation version, click Trial Versions from http://support.attachmate.com/downloads/.
- New platform support:
SUSE Enterprise Server 9 (x86-64)
Red Hat Enterprise Linux 3 (x86-64)
Sun Solaris 10 (x86-64)
Sun Solaris 10 (x86)
Sun Solaris 9 (x86)
Red Hat Enterprise Linux 3 (x86-64)
Sun Solaris 10 (x86-64)
Sun Solaris 10 (x86)
Sun Solaris 9 (x86)
Supported Platforms
The following operating systems and hardware platforms are supported in Reflection for Secure IT UNIX Server version 6.0.
Operating System (Hardware platform)
IBM AIX 5.3 (POWER)
IBM AIX 5.1 and 5.2 (POWER)
IBM AIX 4.3 (POWER)
HP/UX 11 (PA-RISC)
HP/UX 10.20 (PA-RISC)
HP/UX 11 (Itanium)
Red Hat Enterprise Linux 3 (x86-64) *
Red Hat Enterprise Linux 3 (Intel x86)
Red Hat Enterprise Linux 3 (Itanium)
Red Hat Enterprise Linux 2.1 (Intel x86)
Red Hat Enterprise Linux 2.1 (Itanium)
SuSE Linux Enterprise Server 9 (x86-64) *
SuSE Linux Enterprise Server 9 (Intel x86)
SuSE Linux Enterprise Server 9 (Itanium)
SuSE Linux Enterprise Server 8 (Intel x86)
Sun Solaris 10 (x86-64) *
Sun Solaris 10 (x86) *
Sun Solaris 10 (SPARC)
Sun Solaris 9 (x86) *
Sun Solaris 9 (SPARC)
Sun Solaris 8 (SPARC)
Sun Solaris 7 (SPARC)
Sun Solaris 2.6 (SPARC)
Sun Solaris 2.5.1 (SPARC)
Tru64 UNIX (Alpha)
SGI IRIX 6.5 (MIPS)
IBM AIX 5.1 and 5.2 (POWER)
IBM AIX 4.3 (POWER)
HP/UX 11 (PA-RISC)
HP/UX 10.20 (PA-RISC)
HP/UX 11 (Itanium)
Red Hat Enterprise Linux 3 (x86-64) *
Red Hat Enterprise Linux 3 (Intel x86)
Red Hat Enterprise Linux 3 (Itanium)
Red Hat Enterprise Linux 2.1 (Intel x86)
Red Hat Enterprise Linux 2.1 (Itanium)
SuSE Linux Enterprise Server 9 (x86-64) *
SuSE Linux Enterprise Server 9 (Intel x86)
SuSE Linux Enterprise Server 9 (Itanium)
SuSE Linux Enterprise Server 8 (Intel x86)
Sun Solaris 10 (x86-64) *
Sun Solaris 10 (x86) *
Sun Solaris 10 (SPARC)
Sun Solaris 9 (x86) *
Sun Solaris 9 (SPARC)
Sun Solaris 8 (SPARC)
Sun Solaris 7 (SPARC)
Sun Solaris 2.6 (SPARC)
Sun Solaris 2.5.1 (SPARC)
Tru64 UNIX (Alpha)
SGI IRIX 6.5 (MIPS)
* Newly supported platforms in version 6.0.
Product Manual
See the SSH for UNIX Client and Server Reference, for information about installing and configuring Reflection for Secure IT. The manual (pdf) is linked from http://support.attachmate.com/manuals/sshdocs.html.
Technical Support
For technical assistance with Reflection for Secure IT, contact Attachmate Technical Support at http://support.attachmate.com/contact/.
