episec about episec services offered pricing of services press releases contact us people: public employee pages security: methods and methodologies learning: episec custom courses site map episec service support
episec  
link: navigation menu



Episec Service Support


We offer a number of third-party support packages for open-source software that was written with security in mind, and on a variety of operating systems.

Support packages
Custom code
Supported software
Further support


Support packages

Basic - installation, operation, bug reports; remote troubleshooting. We'll assist in service set-up, if you need it, in addition to configuration troubleshooting should something go awry. All of this can be done remotely.

On-Site - installation, operation, bug reports; potential on-site troubleshooting. In addition to Basic support, we'll be at your beck and call to come in whenever you need us. We currently support the New York City area, though if you need service outside of New York, we may still be able to fulfill your needs.

Code-Level Debugging - we'll fully debug any software that we support, and we'll corrrect the bugs ourselves. This goes for all bugs, even those that do not pose security threats. We'll get our changes out to you, and we'll also send them back to the maintainer for inclusion in future updates.

Custom code

We love contributing back to open-source projects. If you need a feature present in a supported open-source software package, and you need it yesterday, we can help. We'll first need to check to ensure that the author will be willing to accept such a feature, after which we'll code it, submit a patch, and, of course, support it. If the author won't accept the new feature, or if you'd rather keep these modifications private, some additional costs may apply.

Supported software

Unlike many companies, we don't support just any software. We support programs that we, as a security company, would feel comfortable having our clients run. Software must pass a cursory review of coding practices, must have security-minded authors, and must be robust enough to run in a heavily trafficked production environment. When you contact us for support, you'll get people who are well versed in the program at hand, people who are familiar with the ins and outs of its functionality.

A sampling of the software we support is included below. For best results, you'll want to contact us and ask.

  • vsftpd - We support all facets of vsftpd, including anonymous logins, ftp jails, connection limiting/management, sendfile, and SSL.
  • pure-ftpd - all facets, including rate limiting, virtual users with database authentication, ftp jails, anonymous logins, sendfile, and SSL.
  • openssh - all facets, including keys and permissions, subsystems (scp, sftp), port forwarding, chroot(2) user environments, and chroot()ed sftp sessions.
  • qmail - all facets, including virtual domains, the supervise environment, tcpserver, and many third-party patches. Note that due to stringent policies, it is unlikely that the qmail author will accept code contributions directly, so desired code modifications may be made available as additional third-party patches.
  • djbdns - all facets, including cdb management, caching nameservers, split DNS, zone transfers, and client restrictions.
  • many more - This is just a sampling of the software packages that we support. Please contact us for more information and for a quote.

Further support

If we don't already support the software you're requesting, here's what we can do for you: We'll run our standard cursory audit (free of charge) and get back to you. If you procure our services for it, we'll rip it apart, study the code, stress test it, and intentionally break it in a number of ways to see how it reacts. Your support fees won't start until after we're confident in our abilities with the software.