Version 6.2 Build 452.1
SPECIAL NOTES ABOUT THIS UPDATE:
Version 6.2 Build 452.1 is a major update with major new enhancements to the web server. It includes many improvements and fixes. If you are up-to-date with Wildcat! versions, this is essentially a plug and play update. However, there were improvements and hence changes to the Web Clients Interfaces (the internal templates), so if you have customized any of the internal templates, please read the special upgrade notes for this version.
Changes, Fixes, New Features and Enhancements by Wildcat! Component
WCSERVER (Wildcat! Server)
- NEW: IP Track/Block Packer
The Wildcat! Server will now support the monitoring and cleanup of temporarily blocked IP address in a new sub-folder "IPTRACK\".
Once a IPTRACK\*.BLK file is added, the server will monitor and automatically delete the temporary IP block when the block has expired.
IP address *.BLK files are added to this folder by the internet hosting clients, which at the moment only the Wildcat! FTP Server supports.
See the new IP Tracking/Blocking options for the FTP Server under WCCONFIG.
- NEW: New WCSDK function CheckClientAddressEX()
This new SDK function is used by the various Internet Hosting servers to check for temporary WC:\IPTRACK\*.BLK files. When a connection comes in, the IP address is check. If a BLK file is found, the connection is dropped.
- ENH: Minor fix/enhancement to SearchFileByXXXX SDK functions.
The two Wildcat! SDK functions:
SearchFileByAreaName() and
SearchFileByNameArea()
are designed to find the first record that matches the area or file name specified. A fix was done so that proper first record is found, and in addition support for "wildcards" was added for the file name.
- NEW: A new "Last Call Date" index file
The user database now has a new key called UserLastCallKey which will allow applications to search for users by their last call date.
When starting the new wcServer for the first time, it will automatically create the new index file.
- FIX: Run Configuration from Wildcat! Server system tray
Now you can run the Wildcat! Configuration by right clicking the WCSERVER icon on the system tray. This feature was exactly added in the previous update, however, it wasn't quite working when there were multiple Wildcat! Servers running on the network and/or one or all of the Wildcat! servers was running under Windows XP/2003. See the item below discussing Wildcat! Networking under XP/2003.
- NEW: Wildcat! Networking on XP/2003
With Windows XP/2003 or better, new OS security features blocks remote RPC clients from accessing RPC servers, hence Wildcat! Networking capabilities were broken. i.e, you can't run WCONLINE, WCLOCAL, WCNODE, etc on a remote machine when the Wildcat! Server is running on XP/2003 or better.
The Wildcat! RPC server was modified to allow RPC client access from a remote machine on the LAN. This allows for Wildcat! Networking operations to continue to work.
However, Windows XP/2003 must still allow it. The following Microsoft registry setting can be set to open it up again:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\RPC]
"RestrictRemoteClients"=dword:00000000
This key will not exist, you will have to create it by using the Registry Editor.
Please note Wildcat! secures remote RPC client access by using the Networking IP access table option under WCCONFIG System Securities. This Microsoft security feature was designed for other RPC based products who are not as advanced as the Wildcat! Server which already offered RPC client access control features.
WCCONFIG (Wildcat! Configuration)
- NEW: New IP Tracking/Blocking options
A new IP Tracking/Blocking option was added to WCCONFIG FTP SERVER setup. If enabled, FTP hackers attempting to use a brute force password entry will be temporarily blocked.
See the help for this new FTP Server setup section.
WCNODE (Wildcat! Node Monitor)
- FIX: Fixed the WCNODE /server switch option
WCNODE was not correctly passing the /SERVER switch to connect to the Wildcat! server specified at the computer defined by /SERVER.
- NEW: Added a Event signal to WCNODE
The event allows detection if WCNODE is already running.
WCSSLCONFIG (Wildcat! SSL Configuration)
- ENH: SSL v3.0 security level support
By default, Wildcat! SSL uses SSL level 2.0 encryption for SSL operations. Now you can use SSL level 3.0 by changing the Cipher Suite defined in your SSL configuration option.
If you want to use level 3, run WCSSLCONFIG and change the cipher suite field to:
Cipher Suite: ALL:!ADH:RC4+RSA:+SSLv3:@STRENGTH
- NEW: New WCSSLCONFIG wizard option.
A new wizard option to update an existing (expired) certificate with a new certificate was added to the wizard page.
WCWEB (Wildcat! WEB Server)
- ENH: Improved Web Server Authentication Logic and Flow.
The web server was improved to offer a better flow of login errors for BASIC, DIGEST and COOKIE based authentication. While customers upgrading to the new system should see an improvement, the new WCWEBAUTH.ZIP contains a new http\errors\errors.wct which needs to be use to fully realize the benefits. If you updated via AUTOUPDATE, you may need to unzip the wcWEBAUTH.zip file to extract the new http\errors\errors.wct. You may also read the README-WCWEBAUTH.TXT for more information.
Overall, errors.wct is designed to be the catch all display file for all login errors, offering control on what features are enabled on your system, such as closed system vs closed questionnaire vs validation. It will give users a better understanding of why they failed to login in. It is highly recommended to begin using the new errors.wct. However, it is not required and your system system will work with your current errors files already in place.
- ENH: New/Enhanced WEB Server Client Interface
There were extensive improvements and new features added to the clients portion (MESSAGE, FILE, WHO, CHAT, PERSONAL) of the Wildcat! Web Server Interface.
The following summarizes the new enhancements:
Major emphasis on using style sheets (CSS file) across the board allows for better customization of the pages. You will fine new *.CSS files in your template folder,
Improved page header now shows a "GOTO CLIENT" pull down menu to quickly jump to the various clients,
The chat client was greatly improved with a better POPUP window and increased reliability in starting the Java Chat module. The chat popup window is now called the "Wildcat! Chat Monitor." This window is required to establish the telnet connection the Java Module requires for communications.
Menu icon/images were added to various displays link options.
Streaming audio (MP3 and WAV files) is now possible with the new Wildcat! system. Users do not need to download to play them. They can play the audio right from your web site.
The file upload now has a progress bar display when uploading a new file,
The file info page will now has an optional "media" display file that can be used to display images and/or play MP3 sounds.
The file listing page now checks for MP3 files to add a Play Button (red arrow) to begin streaming the audio,
A new Personal Properties Layout allows for 3rd party/Sysop capability of adding additional custom personal properties pages.
An enhanced Who's Online with buttons to email users, change the refresh time and turn on/off the audio.
New audio notifications were added for various actions. The user can turn on/off the audio notification under his personal properties.
And many other new Web Server improvements.
- NEW: New HTTP\TEMPLATE\CUSTOM folder allows for customization.
You can now edit any of the template file and put a edited copy in a sub-folder CUSTOM off the HTTP\TEMPLATE directory. This will override any request for the same file in the stock HTTP\TEMPLATE folder. You have to first create this CUSTOM folder when you intend to use this new powerful feature.
- ENH: Faster New Files Scanner
The web new files scanner was drastically improved. It is unbelievable faster than ever before!
WCFTP (Wildcat! FTP Server)
A few new features were added to help better stop hackers attempt to use brute force logins at the FTP server:
- NEW: Check USER account at the FTP "USER" command.
Added logic to check the user name at the USER command rather than wait until the PASSword command is entered.
- NEW: Supports Maximum Password Attempts
Added support to honor the WCCONFIG | System Security option "Maximum Password/Login Attempts" which is currently only supported via console (TELNET/DIALUP) connections.
- NEW: New IP Tracking and temporary blocking support added.
See IP Tracking/Blocking under the FTP Server setup in WCCONFIG.
WCPOP3 (Wildcat! POP3 Server)
- FIX: Fixed Pocket PC Login problem with POP3 Server.
Fixed SASL authentication where the client might be sending the user name in two packets, the 2nd one with the <CR><LF>. The new logic checks for the <CR><LF> and reads 2 characters if missing. This fixed how Pocket PC (Emulator) was failing to login into the POP3 Server.
- NEW: New IP Tracking and temporary blocking support added.
See IP Tracking/Blocking under the POP3 Server setup in WCCONFIG.
WCSMTP (Wildcat! SMTP)
- NEW: New logic to skip HELO/EHLO validation.
If PORT 587 is used for the client connection, then the HELO/EHLO validation is skipped. This is done on the basis that PORT 587 (SUBMIT PROTOCOL) requires ESMTP AUTH authentication.
This should allow MUA programs (like ThunderBird v1.x) to work (able to send mail, received works fine) when they are installed behind a NAT with a private machine address.
- FIX: Fixed login authentication problem with PDA mobile devices.
WCLISTSERVE (Wildcat! List Server)
- N/A
WCRADIUS (Wildcat! RADIUS Server)
- NEW: wcRADIUS now offers new "Strip Email Domain" option
A new general option "Strip Email Domain From Login Name" was added allowing for user's to login with their full email address. If theuser name part of the email address is a valid wildcat! user account name, then the user can login successful. This stripping option is enabled by default.
See the wcRADIUS | Tools | Options setup page.
WCSAP (Wildcat! Sender Authentication Protocol)
- FIX: CBV will now stop WCSAP when a rejection occurs.
If you had changed the order of WCSAP testing by performing CBV before the others methods, this fix corrected CBV to stop any further wcsap testing when a CBV rejection response is received from the remote SMTP server.
WCBASIC (Wildcat! BASIC Software Dvelopment Kit)
- See wcBASIC/WCSDK Update Information.
WCSDK (Wildcat! Software Development Kit)
- See wcBASIC/WCSDK Update Information.
WCT (Wildcat Template Processor)
- See Wildcat Template System.