Archive for September, 2010

KitCAD i3 KGC feature listing matrix

Monday, September 27th, 2010

feature matrix

Uploaded a PDF document of the KitCAD i3 KGC feature listing matrix (light technical edition); 2010 revised version

See: 2010_feature_listing.pdf

KitCAD i3 Silent security upgrades for webserver versions

Tuesday, September 14th, 2010

There has been some security changes made to the online version of KitCAD i3 KGC. Some of changes have been ported to other the versions of KitCAD i3.

The online versions now include a file titled kitcad_secure.cgi to catch information supplied by bad logon requests and record it into /htdocs/login/{user}.error

A suggested method of blocking bad logon requests should be based on time between failed login attempts. Code isn’t supplied to perform blocking of bad password senders at this time (has to support Ipv6 and Ip addresses). One example; A external cron-job file run by other processes apart form KitCAD i3 KGC could be started to scan for *.error files and set read-only attributes for time-out periods, etc.

Password issues with OpenId enabled users have been corrected (support for 1m combos), see fix

No update to the KitCAD i3 KGC version information was performed. Re-Uploaded with same version date of 27th August, 2010

Note: the KitCAD i3 KGC XAMPP(win)/WAMPP2(win) versions do not support security settings by default.