1 2 Previous Next

Geek Speak

30 Posts authored by: jonathan at solarwinds

Interested in a companion to Microsoft SCCM that improves the way you support your far-flung users and machines?



What does SCCM do?


Windows Administrators use System Center Configuration Manager (SCCM, previously ConfigMgr or SMS) to manage dozens or hundreds of remote desktops, laptops, and servers far-throughout their network. In addition, SCCM offers some remote control, access, and support features above and beyond what's offered by simple RDP and command-line controls.


What does SolarWinds offer that's better?


Like SCCM, SolarWinds' DameWare offers remote control, access, and support capabilities. However, DameWare adds functionality that helps SCCM users save time and do more with less.

  • Adds convenient built-in chat, file transfer & one-click screenshot utilities
  • Adds the ability to delegate levels of access other than "full" and "read-only" to help desks & junior technicians
  • Adds the ability to quickly roll out or shut down services & scheduled tasks on dozens or hundreds of machines at once


Though built-in VNC capabilities, DameWare ALSO allows you to control your Linux and Mac machines from the same console you use to control Windows machines.


Where can I learn more?


Check out our new comparison of SCCM and DameWare. Or try DameWare for yourself in your own environment by downloading the full-featured 30-day free trial.

Tax day got you down?  Here's a free offering that ought to cheer you up: after a short hiatus an all-new Free Edition of our popular Kiwi Syslog Server will be returning next week!




As in previous releases, the Free Edition will allow you to collect syslog messages and SNMP traps from multiple devices.  It can write the collected logs to disk, split by priority or time of day, or display them in one of up to ten different viewers.  Message statistics will be available in the management console and may be sent in a summary email once a day.  A source limit of five devices will be placed on the Free Edition, but these five sources can be of any type that sends syslog messages via UDP or TCP, or emits SNMP traps.


The Commercial Edition will be an unlimited edition that will add monitoring, retention, automation and web administration functionality.  It will improve log organization by allowing you to split up your logs by device, functional role or message contents, and then will help you implement your log retention policy with automatic grandfathering and clean-up rules.


Learn More and Download


The link below will take you to the all-new Free Edition. This link will go live by 5:00 PM (CDT) on April 23, 2013.


(Hint: click the link - may be a 404 - but then BOOKMARK it for next week!)

Need to transfer files securely from your Mac?  All you really need is Safari and the web transfer interface on a Serv-U Server.  That lets anyone sign on with a web browser to upload and download files. In addition, Serv-U supports non-Safari browsers, built-in file transfer utilities, and third-party FTP clients on Mac OS X.  Read on to learn more!



How to Transfer Files with a Web Browser

Your favorite Mac OS X web browser can be used to transfer files as well as to work with and edit files and folders.


Web browsers can even be used to run the Serv-U web-based management console without needing to install additional plug-ins by simply enabling JavaScript and cookies. The following major browsers are supported with the basic web client and web administration are:

  • Microsoft Internet Explorer 6.0+
  • Mozilla Firefox 2.0+
  • Opera 9+
  • Apple Safari 3+
  • Google Chrome 1+

How to Transfer Files with Native Mac OS X Applications

Using Mac OS X's FTP/S Finder Support

  1. Go to Finder on the Mac desktop, and click on "Go"
  2. At the bottom of the menu that opens up underneath "Go," click on "Connect to Server," or hit command + K on the keyboard
  3. In the text box that appears, type in either "ftp://" (for FTP) or "ftps://" (for FTPS), and then the IP address or hostname of Serv-U FTP_Mac_Finder.png
  4. Click "Connect"
  5. You will then be connected to the server in your finder window
  6. Click on any folders that appear in the text box, and download whichever files you would like by dragging them to your desktop, where you'll be able to open and edit these files

Using Mac OS X'x SFTP Command-Line Client

  1. Open a terminal window
  2. type "sftp username@host_server" where "username" is your username on Serv-U and "host_server" is the IP or hostname of Serv-U
  3. If prompted to accept the remote server's key, select "yes" ("OK" or accept the key)
  4. Enter your password when prompted


Ready to Try It?


Download the Serv-U FTP Server free for 30 days with our free trial, or head over to our Serv-U online demonstrations server to try Serv-U's web, FTP, FTPS or SFTP interfaces without installing Serv-U.

20% of Desktop PCs Still Run Windows XP


Microsoft's official "end of support" date for Windows XP is coming up on April 8, 2014 - just one year from today.  Meanwhile, the percentage of computers running Windows XP continues to drop, but is still about 20% of all desktops and laptops, according to StatCounter.


Source: StatCounter Global Stats - Operating System Market Share


If you count yourself among the Windows administrators and help desk professionals responsible for supporting Windows XP computers or end users running Windows XP, you may want to take a quick look at SolarWinds's DameWare software.  DameWare's Remote Support edition provides both unattended remote system access and end user screen sharing in a single package.  It can use RDP, but also offers its own optional single-port protocol that is often useful if your environment runs firewalls between the computers and end users you need to support.  Unlike native Remote Console capabilities which vary between operating systems, DameWare also behaves consistently on Windows XP, Windows 7 or any other Windows OS, providing universal support for multiple monitors, simultaneous sharing sessions and other "must have" features in a remote access package.

If you rely on a Huawei router or firewall configuration, you can use Kiwi Syslog Server to monitor and archive network activity.  Read on to learn how. 


What is Syslog Again?

Syslog is a standard used to log and route messages like router connection messages and firewall warnings in an IP network. The syslog standard promotes efficient management of enterprise systems by integrating log data of events occurring on computer systems like UNIX and Linux collected from a wide array of sources, including network devices, routers, and firewalls.  Each computer involved will send small text-based messages known as syslog messages to a dedicated syslog server every time an event is generated. The syslog server then saves the received messages in a log file. Because syslog is supported by a wide variety of routers, firewalls, applications and operating systems, syslog servers are often used to collect, monitor and archive logs from many different machines - often the entire network! 

What Makes Kiwi Syslog Special? 

Kiwi Syslog Server provides an easy-to-install, easy-to-maintain solution for collecting, monitoring and archiving syslog messages, SNMP Traps and Windows event log messages.  It installs on a Windows machine and runs as a service for unattended 24/7 operation.  It can listen to almost all types of syslog traffic from basic UDP messages to secure TCP streams.  Upon receiving messages, it can display them to a local GUI or (in the commercial version) to a Web console.  It can also read incoming messages and react to them.  Finally, it can write incoming messages to disk and will then automatically manage (i.e., "age" or "grandfather") the resulting log files. 

More to the point, Kiwi is often installed by sysadmins who need to "just store the logs" for auditors or corporate requirements, and who then want to get notified of certain events or when certain routers make noise.

How Do I Configure My Huawei Router to Send Logs Via Syslog?

Huawei offers two different router series: AR and NE routers. The AR router series is designed to meet the demands of a wide variety of industries, with high flexibility, agility, security and reliability. These are lower network cost routers that are easy to maintain. The NE series routers are high-end solutions meant for telecom data communication networks, and can be deployed as a P/PE router in IP core and metro networks.

After authenticating to a typical Huawei NE router, just two commands are generally needed to start logging to a remote syslog server.  The first turns logging on.  The second tells the router where to send the logs, which "facility" to use, and which language to use.

info-center enable

info-center loghost facility local4 language english

You should plan to change the IP address - set that to the machine running Kiwi Syslog.  You may also want to change your "facility" value, shown as "local4" above.  (It's common for firewalls to use "local4" and routers to use "local7," but you may set these values as you wish.) 

How Do I Configure My Kiwi Syslog Server to Receive Huawei Syslog Messages? 

After you download and install Kiwi Syslog, its default settings will begin looking for syslog messages that are sent to UDP port 514.  As long as you entered the IP or hostname of your Kiwi Syslog server in your Huawei router, you should be able to receive Syslog messages immediately.  (If you cannot see any messages, make sure there are no firewalls, routers or OS-level firewalls blocking Syslog access between your Huawei router and your Kiwi Syslog server.)

The Kiwi Syslog server features advanced collection options and specific security options such as TCP. The server also provides advanced options for monitoring and archiving, including the ability to write each router's logs to their own files and implement automatic clean-up after a period of X days. 

Get even more specific Kiwi Syslog tips in the Kiwi Syslog Space on thwack, SolarWinds' community and forum.

Google_Drive_All_Your_Files_Are_Belong_To_Us.gifEnd users' attraction to Google Drive is built on one key concept: "I can access my files from anywhere."  End users who have been paying attention in your security training also like the fact that all connections to Google Drive are secured with HTTPS.


However, Google Drive, er, drives IT administrators nuts because it encourages people to send critical business documents to an untrusted provider.  This isn't just paranoia - it's actually baked into Google's terms of service (TOS).


According to the TOS, Google will not take away any "intellectual property rights" your business claims on its own files.  However, the same TOS permits Google to "use...reproduce, modify, create derivative works, communicate, publish, publicly perform, publicly display and distribute such content."  $100 says that's not the same policy you offer on your SAN storage.


SolarWinds Alternative to Google Drive



1) Install Serv-U MFT in your data center, private cloud, or other system under IT's control.  (Did we mention it can run on Windows or Linux?)

2) Point Serv-U MFT to your Active Directory.  This allows your employees and contractors to authenticate using their existing credentials and saves you the trouble of having to duplicate their accounts on Serv-U.  (You can also create additional Serv-U accounts for customers and partners without accounts on Serv-U.)

3) Point Serv-U MFT to your primary NAS or other shared storage (often, wherever you keep your users' home folders or corporate documents).  This allows people to securely access the same material they would in the office from anywhere in the world.

4) Instruct your users to connect to "https://yourserver/" using the browser, tablet or mobile device of their choice.  After they sign on with their usual credentials, your users will be able to work with the same files they use in the office.


If this makes sense (and Google Docs drives you nuts too), find sanity by downloading a Serv-U trial or trying out the interface online now.

In yesterday's Dark Reading, security researcher Bruce Schneier took a swipe at security training:


"If four-fifths of company employees learn to choose better passwords, or not to click on dodgy links, one-fifth still get it wrong and the bad guys still get in."


It's not every day that I disagree with the author of Blowfish, but this is one of those days.


Not Every Lapse Is Fatal


The result of a security lapse is often a mass send to an address book, the installation of a "crapware" toolbar, or another annoying but non-fatal result.   Several factors help explain why this is.

  • AV Filters Many Generalized Attacks: Installation of generalized malware such as trojan horses and keyloggers will usually be detected by signature or heuristic-based anti-virus packages.  If these attacks aren''t stopped by your email server's AV, they will often be stopped by your desktop AV. 
  • Targeting Your Company Exposes the Attacker: Attacks directed specifically against your company (think disgruntled employees or competitors) often have a "social" component that identifies the perpetrator, exposing them to civil or criminal penalties if detected.
  • "Need to Know" Already Protects the Crown Jewels: Senior company officials with access to the most sensitive materials will often already have better-than-average security awareness, such the ability to pick up on a suspicious inbound phone call that's part of a social engineering hack.


People Want a "Fast Computer"


What do end users complain about constantly?  "My desktop/Internet/laptop/network is S-L-O-W!"  My suggestion?  The next time you remote in and "fix the slowness" by undoing their security mistakes, show them how keeping their computer free of crapware and toolbars (which they get from questionable sites and emails) will keep things running well. 


In a classroom setting, advice like this may go in one ear and out the other.  But a one-on-one while you're fixing a relatively minor problem may keep that user from being "that guy" who clicks on the link that introduces a virus or trojan down the line.


No One Wants to Be "That Guy"


Let's face it: no one wants to be "that guy," and a great way to become "that guy" is to have your email used for a spam campaign, have a NSFW toolbar added to your browser, or lose control of your home page.  If someone in your department/floor/team becomes "that guy", office gossip alone alone encourages self-education (e.g., "how can I avoid what was he doing?") because no one else wants to be "the next guy."  This means that if you've trained ANY percentage of your users, you'll already have local experts on teams working to train their fearful coworkers whenever a local (and usually non-fatal) security lapse occurs.


Conclusion: "Mostly Trained" Beats "Not Trained"


In the binary world of bits and bytes, it's tempting to strive for zero-tolerance policies like "train them all or nothing is safe."   But the whole concept of risk-based security is based on the simple fact that an organization can never be completely secure.  Like AV, regular patching, and network monitoring, user training remains one of the best practices organizations can use to mitigate risk.  More training is better, but failing to reach a handful of users should not be fatal as long as you've implemented additional security controls.


Your Thoughts?


What do you think - is security training worthless if you only reach 4 out of 5 people?  (Tell us in the comments below!)

Blog_NTM_AC_CatTools.pngJust in case you missed it, March was a busy, busy month at SolarWinds. We released two new products: Alert Central to coordinate the handling of notifications from your many systems, and Network Topology Mapper to help you see what's on your network. (And maybe find a few things you didn't expect!)


On top of that, we also released a new version of Kiwi CatTools, our reliable router configuration management tool. Like other releases, CatTools version 3.9 fixes a number of bugs and adds device support (especially for MicroTik). This release also updates CatTools with SolarWinds licensing so you can manage your CatTools licenses using the same portals and procedures as you use to manage all your other SolarWinds licenses.


Other Kiwi Development


Even as we continue to develop Kiwi CatTools, work continues on Kiwi Syslog Server as well. Expect some additional announcements about this popular log collection, monitor, and archive utility product in April.

A recent survey asked one hundred IT administrators what "lunch out" meant. The top three answers were:

  • 55%: Something marketing and sales people get to do
  • 24%: Eating in the break room instead of at my desk
  • 21%: I get "out" - what's "lunch"?


OK, the survey's a fake, but too many of us still think that leaving the building during working hours is dangerous. Fortunately, there is a new generation of "mobile ready" (if not "mobile first") applications to help us with that.


One of those applications is SolarWinds' Serv-U MFT Server, which ships with an iPad-optimized administrative interface. This Web console launches using iPad's built-in Safari Web browser and lets us:

  • Reset passwords and unlock users
  • Monitor current activity with statistics and logs
  • Watch user activity in real time and drop specific sessions
  • Grant access to users, groups, blocks of IPs, or entire domains
  • Add and configure users, groups, folders, protocols, and other settings


...All on your secure file transfer server from anywhere, at any time. (And did I mention it uses firewall-friendly, secure HTTPS?)



Try It Yourself

  1. Make sure your iPad is running iOS v5 or greater. (how to check)
  2. Install Serv-U MFT Server.
  3. Connect to any HTTP or HTTPS Listener on Serv-U with the Safari Web browser on your iPad. (try TCP ports 80 or 443 on your Serv-U server)
  4. Sign on as an administrator to see the main screen of the Serv-U Management Console.

Say what you will about Microsoft's new Windows 8 operating system, but when it comes to yet another desktop to manage, IT administrators always turn to DameWare.


Two interesting "DameWare on Windows 8" events happened recently so we thought we'd share.


#1: Windows 8 Downloads "Editor's Pick" Award


Yes, ANOTHER DameWare award.  Right after our fourth consecutive win as WindowsNetworking.com's best remote control software, we learned that Windows8Downloads.com checked our Windows 8 compatibility, and then awarded us their "Editor's Pick" award in the "Network & Internet > Remote Computing" category.


#2: YouTube of DameWare on Microsoft Surface Pro (Running Windows 8)


Last week mobile device enthusiast "jimmyyen101" put together a two-minute YouTube video showing DameWare in action on a Microsoft Surface Pro running Windows 8.



Your Experiences with DameWare on Windows 8


Have you worked with DameWare on Windows 8 yet?  If so, please tell us how it's going in the comments below.  If not, give it a try today.

Also "SaaS" Can Become "PaaS" If You're Not Careful


The PCI Security Standard Council finally released its PCI DSS Cloud Computing Guidelines this month, and the Guidelines are not kind to Platform as a Service (PaaS) solutions, or to Software as a Service (SaaS) solutions that behave like PaaS.  In the document, the Council stuck to the usual definition of IaaS (Infrastructure as a Service), PaaS and SaaS, but it opened its dreaded "in scope" umbrella widest over PaaS.


The following chart, adapted from the Guidelines, uses three colors to indicate whether it is the client's responsibility, the cloud service provider's responsibility, or both parties' responsibility to prove compliance to each of the twelve PCI DSS requirements.


Shared responsibility for PCI DSS compliance (i.e., "Both") extends across 11 of the 12 possible requirements for PaaS, 9 of 12 for IaaS and 4 of 12 for SaaS.


PaaS solutions are particularly thorny from a security auditor's perspective because both the CSP and client contribute code, scripts or workflows that govern the movement and processing of data.   For example, a PaaS solution could have a base SaaS application that handles contact information plus a PaaS layer (e.g., Web services) that allows clients to integrate into their backend systems.


IaaS solutions have several shared areas of responsibility, but the lines of delineation between client and cloud service provider are clear from a security auditors' perspective.  For example, requirement #1 (firewall) could be broken up into a "Do you have a secure firewall?" question posed to the CSP, and a "Do you have a secure set of firewall rules?" question posed to the client.


SaaS solutions have the fewest number of shared areas of responsibility, but almost any degree of integration,such as centralized authentication or automated data transfer, threatens to convert a SaaS solution into a PaaS solution in the eyes of a security auditor.  In fact, the Guidelines include special discussion of "Hybrid Clouds" and other common deployment models that blur the lines between SaaS and PaaS.


Addressing PCI DSS Concerns with SolarWinds Technology


SolarWinds® software, including Log & Event Manager, Firewall Security Manager, DameWare® Remote Support, and Serv-U® Managed File Transfer (MFT), is frequently deployed on top of IaaS to provide PCI DSS compliant solutions.  SolarWinds software is also often used to power, monitor or manage industry- and workflow-specific SaaS solutions from leading vendors and on-premises installations around the world. Additional information about how SolarWinds helps organizations of all sizes achieve PCI DSS compliance can be found below.


My favorite customer quote of the week: 

"DameWare is RDP on steroids."


A conversation with a new remote support user yielded this gem as the three-person IT team leader described how he could do more faster with DameWare than he ever could with Windows RDP alone. Other quotes I found myself jotting down: 

  • "It's like RDP but you can work with another user at the same time on the same screen, and it includes a little chat client so you don't have to share notepad or something lame like that." 
  • "You don't need to build DameWare in your standard images to use it because it installs its local client when you connect."
  • "DameWare cleans up nicely too.  It automatically uninstalls the client it installed when you close up the session."

Your Thoughts?


How would you would answer this?  "DameWare is..." 

Let us know in the comments below!

Apparently, security is not your job after all.


In a recent security survey we asked more than a hundred IT administrators and other professionals about their roles and attitudes toward computer and network security.  Not surprisingly, almost all IT pros (86%) said that they are responsible for securing IT.  However, only about one in fifteen (7%) said that security was their full time job!


Q) What's the main conclusion? 
A) Most of the people companies depend on to enforce IT security policies have conflicting priorities and resources, not the least of which is the length of the average IT day.


Q) What else can we conclude?
A) When offered the choice between "secure and hard" and "secure and easy," IT pros will pick "whatever checks the box and gets me out the door by dinnertime" almost every time.


Fortunately, SolarWinds has a number of easy-to-use products that secure networks, secure computers, and avoid the hassles and meetings that keep everyone working too late.  Three of them are:


Are You In The 79%?

Are you one of the 79% of IT pros responsible for computer security as part of your overall job (but not your full time job)?  Are you part of a small shop where security is no one's full time job?  We'd love to hear from you in the comments below!

It wasn't that long ago that SSL 2.0 and then SSL 3.0 imperfections sent the security world scrambling to the safety of TLS, SSL's direct successor.  Then came BEAST, which used a combination of JavaScript and network sniffers to decrypt authentication cookies over TLS 1.0 streams.  And now we have the Lucky 13 attack that convinces TLS 1.0, TLS 1.1 and TLS 1.2 to all reveal information about the original message using a man-in-the-middle timing technique.

Fortunately, the scope of the Lucky 13 attack appears to be limited to TLS cipher suites that include CBC-mode encryption.  Unfortunately, those suites are very common and usually on by default.

However, if you own a Serv-U FTP Server or Serv-U MFT Server, you have the controls you need to enable or disable affected cipher suites built into the Serv-U Management Console.


In this case, just look for the SSL ciphers that include "CBC" and uncheck them.

FIPS 140-2 SSL Caveat

If you check Serv-U's "Enable FIPS 140-2 mode" checkbox, the "Advanced SSL Options" panel disappears.  Behind the scenes, Serv-U disables all ciphers except SHA ciphers using AES (AES256-SHA and AES128-SHA) and Triple DES (DES-CBC-3SHA).  Note that the Triple DES cipher uses CBC. In other words, if you want to retain fine control over your data in motion ciphers, you will need to leave the "Enable FIPS 140-2 mode" box unchecked.

Little good comes from a Monday...unless its another award!  DameWare_Wins_5_Stars_From_Soft82.png

Today we were thrilled to learn that DameWare Remote Support earned a 5-out-of-5 star rating from Soft82.com.  The award comes just two week after DameWare was first listed on the site, and one month after DameWare was recognized as the top remote control application in WindowsNetworking.com's Reader's Choice Awards.

"As a system admin, I cannot imagine life without DameWare," wrote Dave from Kansas in a recent online review.  "I found it 10 years ago and it never leaves my side. I've bought a copy for every employer I've ever been with. For as much multi-tasking as I do, it really helps not having to get up and physically touch each machine I have to work on."

To report YOUR experiences with DameWare (or other awards we may have missed), please let us know in the comments below. 
Or, if you are new to our award-winning remote control software, download DameWare and start your free trial today.

Filter Blog

By date: By tag:

SolarWinds uses cookies on its websites to make your online experience easier and better. By using our website, you consent to our use of cookies. For more information on cookies, see our cookie policy.