Last night, we rolled out a significant update to the DNSstuff site infrastructure. These changes are mostly behind the scenes, but represent something that has been under development for quite some time. Before reporting any issues with the site, be sure to read on about what's new, any issues we're already aware of, and what we're working on next.


NOTE: This post was last updated to reflect current issues on September 28, 2012 at 5:00 PM Central Time.


Professional Toolset Version 2.0

The biggest change you'll notice is in Professional Toolset. We've completely revamped the backend of Professional Toolset to be a shiny, new platform that provides us the opportunity for future tool and feature development. (More on that in a bit...)


All of the results pages have been reformatted to make what was mostly pretty cumbersome to wade through into output that you can use to quickly identify key results and values from the different tools and tests. Our development and user interface teams tried to find ways to highlight important information and organize results to make more clear, format key-value pairs more clearly, and other key changes to each page's results.


New Professional Toolset Tools

With the migration came the addition of some new tools, including one new free tool.


  • URI Block List Lookup - looks up blacklist entries based on a URI
  • Vector trace - performs traceroutes from three different locations (currently 3 locations in different parts of the US) to aid in routing and site availability troubleshooting, including a map from all 3 locations
  • Social Media (FREE) – shows social media (facebook, twitter) references to a domain
  • ADR Domain Inspector - displays the A and NS records for each DNS server in your domain
  • WWW cohost - locates multiple domains/sites hosted on the same host
  • Additional Mail Testing Tools:
    • SPF
    • SMTP Banner
    • SMTP Greeting
    • Null Sender
    • Postmaster
    • Abuse
    • Address Literal
    • Open Relay
    • POP Banner
    • POP Authorization
    • POP Status
    • IMAP Banner
    • IMAP Authorization
    • IMAP Status


Site Infrastructure Updates

DNSstuff has been migrated to a different site infrastructure/hosting environment, which affords for better redundancy, management, and monitoring functionality than before. Several tools also rely on these multiple points of redundancy to offer better and more accurate results. Some tools, like Mail Server Test Center, RBL Alerts, and Domain Doctor have not yet been migrated to the new infrastructure, but in coming months will be.


DNS Alerts migration to Domain Doctor

Customers of the old DNS Alerts service should have received both an e-mail and a popup notification recently letting them know that with this migration, we had to phase out support for the old service. Customers of DNS Alerts have long been entitled to Domain Doctor subscriptions, we've just made it official. Based on our records, some people may have still been using the DNS Alerts tool up to the last week, if you didn't get a chance to migrate your alerts and need help, let us know and we'll work with you to sort it out.


Issues, both expected and not

As with all new websites or versions of software, we're aware there are going to be some growing pains with the site. If you've got a feature that you used that was removed, a feature that you'd like to see added, let us know here. If you are having issues with any tool, including results that differ from the previous version or what you'd expect, please be sure to report them to technical support. If you have any account issues (accessing the site, purchasing new tools), please report those to support as well.


Here's what we're currently aware of that falls into the features and changes department:


DNS Report Misc Test Failures and Issues

There are still a few outstanding situations where DNS report may be returning unexpected results. We've resolved a lot of them, but what you might still see out there includes: sometimes MX tests pull in MX records for parent domain; sometimes DNSSEC records don't appear even though they exist on the domain; in very few cases MX records do not appear even though they exist; SPF records are shown for every DNS server in your domain but do not show which server the displayed SPF record came from.


Updated: DNS Report New Results Format is (was) Hard to Read

Several people have commented that they prefer the old format of DNS Report. You asked, we listened. We put up an even better version of DNS Report that incorporated a ton of your feedback about what you do and why you need it. Check it out and if you've got more comments, be sure to post here: DNS Report Feedback & Thoughts! There's still work to be done in the detail of results, so we're still listening.

Updated: Sometimes an Error is Returned when Running Tools

Thanks to customer input, we've dug into the "Sorry,..." messages presented sometimes on results pages. We've determined sometimes these errors are somewhat legitimate (i.e. an A record doesn't exist for a domain, so we can't display results), but the information you get back is clearly not helpful. We're going to fix this so that you get appropriate feedback when something goes wrong, and only see the other message when something unexpected happens. If you aren't sure which case your error message falls into, please continue to report it to our support team. You'll see "Sorry, but these probably aren't the results you're looking for" or "We're sorry, but we're unable to execute your request." Provide the "Test ID" value either in your Thwack post or your support case, that will help us track down where the issue is coming from. We're going to be adding better error reporting in an upcoming site update to help differentiate these cases.


DNS Lookup/Timing/Traversal Tools Aren't Querying SRV Records

We discovered an issue with SRV records that requires some development effort on our end to resolve. We're working on a resolution. As a workaround, if you use the "dig" or "raw" results formats instead of "pretty" in DNS lookup you should see expected results.


RBL Alerts Give Slightly Different Results from the Spam Database Lookup Tool

We've added some additional RBL sources to the Professional Toolset's Spam Database Lookup Tool that hasn't yet propagated back to RBLalerts. We're adding these into RBL alerts as well to make the results a little more fully-functional and consistent.


What's Next?

Here's some of the stuff we're working on (other than the issues above) in the coming weeks and months. Disclaimer: this is not a commitment to release these features on any specific timeframe, this is just intended as a guide to our general priorities.

New Toolset UI!

We're super excited about this one. We're going to revamp the old and busted DNSstuff Professional Toolset page with some New Hotness that's much easier to navigate. Down the road, this will let us add functionality like favorites (so you can "pin" your most used tools) and multi-tools (tools that run a series of tools, so you don't have to run multiple individual tools to perform a series of troubleshooting steps).


MSTC Fully Integrated with Toolset

You probably noticed that a lot of our new Professional Toolset tools are mail-oriented. Our goal is to combine the functionality of Mail Server Test Center with Professional Toolset so that you have a one-stop shop for all testing. We'll break out the mail-specific tools into their own area so they are easy to find and use.


New Site Look & Feel

We couldn't revamp Professional Toolset without looking at the rest of the site, so that's what we're going to do. We want to build a site that you want to visit, so we're going to look at the things that interest you and how best to present them.


Improvements to RBL Alerts and Domain Doctor

We'll be migrating RBL Alerts and Domain Doctor over to the new site infrastructure. This should improve the stability and management of these platforms, similar to what we did with Professional Toolset.


What Do YOU Want to See from DNSstuff?

We've spent some time talking to customers, gathering feedback via surveys, and generally thinking about what's interesting and good for DNSstuff, but if you've got something we missed on the new site, an issue that you've been itching to see addressed, or thoughts on what tools, content, or other features you'd like to see, send them my way!

As posted previously, the SeUM team has been cooking up a few cool new features for the next release, and finally they're ready to share the fruits of their hard labor.

Waterfall Chart.png


The most obvious addition you're likely to notice after installing the beta are the new waterfall charts that adorn the Step Details view. These waterfall charts provide an entirely new level of insight into the performance and availability of your websites and web based applications. They do so by going beyond simply visualizing web performance trends and alerting on exceeded thresholds. The new charts provide insight into all the different elements that make up a webpage and the order in which they're rendered in the browser. Now you're able to clearly and precisely see which content on the page is responsible for any poorly performing web page load times.


We've also added a new Page Elements Overview resource that allows you to easily see the percentage of each element type by size, so you can quickly determine if web page rendering performance is related to the type or size of the content loaded by the page.


Page Elements Overview.png

These new resources are essential tools for not only identifying web application performance issues but also the cause.












There are still tons of other great new features packed into this beta I haven't even touched on yet, but this brief glimpse into the next release is sure to whet your appetite. All existing Synthetic End User Monitor customers under active maintenance are welcome and encouraged to participate in the beta. You can do so by simply signing up to download the beta and playing with it in your own environment.


[Note: Example images of in-product charts based on data collected at time of posting]

As a Product Manager for SolarWinds, I get the opportunity to influence the development of products, and sometimes the opportunity to create new products, and as a WSUS MVP I’m very familiar with the everyday challenges of WSUS Administrators. So, I’m happy to announce the immediate availability of the FREE SolarWinds® Diagnostic Tool for the WSUS Agent.


This tool is an alternative to the Client Diagnostic Tool, which many of us have relied on over the years to help troubleshoot client connectivity issues, but we’ve made some significant enhancements to the new version of this tool


. • The Diagnostic Tool runs on x64 and x86 systems

. • Additional validation tests on key configuration options, such as syntax checking on the WSUS URL, and validating the installed version of the Windows Update Agent against the installed version of Windows

. • Extended connectivity checks to the WSUS server, translation of error codes to human-readable messages, and suggestions for known resolutions to those issues

. • Both GUI and Command-Line interfaces


The tool is a ZIP download with a single EXE installer. Upon installation on the client, the tool automatically launches and initiates the diagnostic scan. You can download the tool today and try it out, or we also posted a video to YouTube that describes and demonstrates the tool if you’d like to have a sneak peek.

In case you missed it, the Log & Event Manager team recently released our 5.4 version which was packed with great features. Onward and upward we continue, here's a preview of what's to come.


Disclaimer: this is not a commitment to a timeframe or delivery of any of the features discussed below. This is also not a commitment to deliver all of these features in our next release. This post is intended to give you a rough idea of what we're doing.


Installation, Configuration, & Maintenance

Whether you call it Log & Event Management or Security Information/Event Management (SIEM), there's a lot of moving parts to getting the most value out of your investment. We want to make it faster for you to get to the information that's useful whether it's the first time you're setting up LEM or you need to add something after the fact. Areas that we're looking into include:

  • Navigation and organization of out-of-the-box features
  • Configuration of connectors and other product integrations


Information at your Fingertips

We've had a lot of great LEM feedback around navigating different areas of the system and are going to make some significant improvements to make it faster to get useful insight out of your data quickly. Things we're improving on include:

  • Making it easy to find default rules that suit your specific needs (be it PCI, other compliance, security, etc)
  • Adding more dashboard widgets with historical analysis side by side with what's happening now
  • Adding more dashboard areas that let you drill down into nodes/IP addresses and users on the network to quickly determine if something/someone is an issue
  • Adding dashboard widgets that give you useful information about what's going on here on Thwack, what's new in LEM, and how to use different features


Love for Security and Operations Teams

We've talked to teams that approach LEM from a security need perspective, and teams that approach LEM more operationally with security as either a secondary or separate issue. A lot of the features you see listed above were created with an eye to one or both teams.


For the security teams:

  • Easier identification of critical rules and other content that apply to security
  • Additional details for nodes and users that will make root cause analysis faster


For the more operationally minded:

  • Dashboards and widgets that call out historical trends and help link high level visualizations to data
  • Adding a "Quick Search" to make it faster to, well, do a quick search


...and More

Some other things that are brewing here in the LEM kitchen are:

  • Improvements to LEM database archiving (check out this Thwack feature request post if you'd like to post your comments about what you'd like to see)
  • Improvements to agent installation (and other installers)
  • Extensions to our Windows Event Log integration (native support for "new" style Event Logs and the option of remote Event Log access)
  • Continued support for more product integrations with our connectors


Questions? Comments? Did We Miss Something?

If you've got questions or ideas about how a particular feature would be most useful, or want to take part in a release candidate or beta or any of these features, feel free to comment.


Make sure to file a feature request over in our Security Event Manager Feature Requests forum if you don't see your request. If someone else already posted it, please add your comments so we know there's interest in a particular feature or issue!


TechEd 2012 – What happened when you weren’t looking.


If you weren’t able to clone yourself at Microsoft TechEd 2012 to see everything you wanted or you were not able to be at this content packed event, we have you covered!  Join myITforum’s Rod Trent for the rundown of key messages, monumental product releases and critical technology components that are sure to impact your professional life for the next year.


Presenters: Rod Trent and Lawrence Garvin


WHEN: June 21st,  2012

TIME: 11:00 am CDT


It hasn’t been very long since EminentWare joined the SolarWinds family and we are already working on the next release of SolarWinds Patch Manager.  You can get a full run down of all the features we are working on for this release here, but the one that I wanted to focus on today is Microsoft SCCM 2012 (also known as ConfigMgr 2012), which just went GA in April at Microsoft Management Summit. Our dev team is working hard at adding SCCM 2012 support (Patch Manager already integrates with SCCM 2007) and below are a few screenshots which show Patch Manager snapped into the SCCM 2012 Console.

If you are an existing customer of Patch Manager and are interested in signing up for the beta, you can do so here.

sccm 2012 3rd party updates.PNG

List of all available third party vendor catalogs from Patch Manager collapsed in the 2012 console

sccm 2012 admini update servers.PNG

sccm 2012 catalogs.PNG

The details of a given third party patch from Patch Manager in the SCCM 2012 console

sccm 2012 synchronization.PNG
Status of Patch Manager third party patches deployed to end points managed in the SCCM 2012 console



We have recently released IPAM 3.0 and today I'd like to introduce all the major features of IPAM 3.0 in more detail.


    We've received many requests for better user delegation in IPAM (for instance here or here on thwack). Version 3.0 now has a possibility to define and assign user restrictions in more depth. So now you can for example restrict IPAM users per location/departments where the IT department for Europe may operate only with related subnets but they can't change anything in the US ip address scope. You can also prevent users from seeing selected network topology so they can only see s specified part of your network. All of these settings can be done easily through a new permission editor.


Go to the "Settings" -> "Manage Accounts" and select the user which you want to modify. Click on the "edit" button and then you need to expand the IP Address Manager settings. Select "custom" role and click on edit. Then you can see the new user permission editor:



    The second big enhancement in IPAM 3.0 is DHCP management. So far IPAM has been able to monitor Cisco and Microsoft DHCP servers and DHCP scopes. Now you can also easily manage your MS DHCP servers. That means you don't need to jump from IPAM to MS DHCP server console to do a IP Address reservation on the DHCP server or new DHCP scope anymore. SW IPAM can now be your centralized and complete IP address management solution.

To do an IP Address reservation in IPAM and on DHCP server just select the related scope and IP address that should be reserved (assuming your IP is used and contains the MAC address info so the DHCP server may know for what device the reservation is being made). Then click on the status drop down list and select "Reserved". IPAM will offer to do the reservation locally for you or in both the IPAM and DHCP server like this:


You can also create(or modify) new DHCP scopes directly from the IPAM web console via new the DHCP scope wizard. Just select the DHCP server in which you want to create a new scope and click "Add DHCP Scope". Now you will see the wizard that will take you through the scope creation or edit process. You can set usual parameters that are available on the MS DHCP console including exclusions, subnet size or delay offer :




Last but not least, a cool DHCP feature is the real time monitoring of DHCP address leases and assignments. Again, without this you would have to connect to the MS console, which may not be reachable (for example you are connecting from a domain which blocks your RDP connections). With IPAM 3.0 it's a matter of two simple clicks: 1) select the scope. 2) click on "Address leases" button:


When I mentioned IPAM as a complete IP address management solution then it couldn't be done without DNS support. IPAM 3.0 just added DNS monitoring for Microsoft DNS servers and more will come (checkout our what we are working on blog post).

We've added he possibility to add a DNS server and monitor its status (up/down) and all important information:


and you can also see all the details about related DNS zones and their details:


Everything is available via the IPAM web console now.

In order to help you with the migration of the spreadsheet that you may use we have improved the Importing wizard. You can let IPAM create the whole subnet structure/hierarchy if you have such information in your spreadsheet (or it can be easily added after import). Just go to the "Manage Subnets & IP Addresses" and click on the "Import" button where you need to select "Import Spreadsheet". Select the spreadsheet you want to import and select "Groups/Supernet/Subnets" choice. Now you need to identify the column that represents "structure" and IPAM will do the rest for you:


Together with the new "drag&drop" functionality you can either migrate or just change your current IP address infrastructure very easily.

We have made a new IPAM technical overview video you may watch for more information. And as always you may download a free 30 day trial version from our web site.

I hope you like new SolarWinds IPAM and stay tuned for more!

It’s been a busy few days for malware and security developments. On Friday I was listening to the TWIT Security Now podcast (recorded Wed May 30th), and the discussion about the Flame malware product. For a great explanation of the backstory of this malware, check out the TWIT episode.


This morning I learned from SysAdmin1138’s blog post that Microsoft published a Security Advisory which contains a fix designed to help protect you from being infested with this malware, assuming you are not already infested -- apparently there is evidence that portions of this malware have been around for a few years!


The short story of this situation is that a defect in Microsoft’s Terminal Server Licensing Service allows code to be exploited to create a code-signing certificate that is then used to sign code, making it appear as if it came from Microsoft. The Flame malware exploited that defect. Additional details are available from Microsoft in a TechNet blog post published on June 3rd.

While the Flame malware appears to be primarily a cyber-warfare tool, and may not directly impact organizations that are not likely targets of cyber-warfare interests, it’s also worthy of note that the same vulnerability could also be used to code-sign just about anything else and inject it into your systems. You may not consider yourself at risk for Flame, but everybody is at risk of some sort of malware that could be signed using this exploit. You absolutely need to install this update as soon as you can.


The update contains a modification to the Certificate Revocation List that makes it impossible for code signed in such a manner to be authenticated. In addition, make sure you have the latest version of the Terminal Server Licensing Service running (if you’re using it), as it has updated cryptography code that no longer contains this defect.


If you have WSUS or SCCM, deploy KB2718704 immediately.  If you have Solarwinds Patch Manager you can deploy this out-of-band update today to your entire enterprise as a single, on-demand, monitored task which will provide you immediate feedback on which systems have been secured and which have not.  If you are using another 3rd party patching tool, like Shavlik / VMware, you will need to wait for the patch to be made available for download – likely tomorrow.

While it's only been a few months since we announced the release of SolarWinds Server & Application Monitor 5.0, our crazily caffeinated SAM development team has been busily brewing up the next major installment. Available now exclusively to existing APM & SAM customers under active maintenance, this SAM beta release includes native out-of-the-box support for Microsoft's Hyper-V, as well as significant usability improvements that should ease the creation and editing of application templates.

Hyper-V Node Tree.png



Hyper-V support has been a long standing Thwack community feature request. And with an increasing rise in adoption of Virtualization over the last few years, Microsoft has made significant inroads into customers data centers with their Hyper-V offering. As a result of this increased adoption, there has been a steadily growing number of Server Admins needing better visibility into the performance and availability of their Hyper-V servers and the guests that run on them.


The latest 5.0 release of Virtualization Manager and our recently updated Free VM Monitor tool were the first SolarWinds products designed to address this need with the addition of Hyper-V support. Now it's SAM's turn to get some Hyper-V goodness.


With this beta we go beyond the existing VMware support that's existed under Orion's Virtualization tab for years now and added native support for Microsoft's Hyper-V. Mixed VMware/Hyper-V environments will share a single centralized dashboard that will provide a single pane of glass view into their entire virtualized server infrastructure.


All resources that exist under the Virtualization tab in Orion today have been expanded to support Microsoft's Hyper-V in addition to VMware. Also, all of the Virtualization related resources normally found on an ESX Host Details view have been replicated to a new Hyper-V Host Details view, providing parallel functionality across Virtualization technologies.





Creating and modifying application templates in SAM has never been a terribly difficult process, but in some instances it may have proven tedious, if not downright monotonous. After countless hours of usability testing, we've made some fairly dramatic improvements to this workflow process, while paying careful attention not to impede existing users already familiar with the product. The most noticeable of these changes are that many of the most common actions have been moved to a new menu bar across the top and the addition of a check box column that allows these actions to be applied to more than one component monitor simultaneously.

template editing.png

The most powerful usability improvement the new template editor provides is the ability to modify the properties of multiple component monitors simultaneously using the new Multi-Edit feature seen on the top action bar. Anyone, for example, who has spent time nerverackingly modifying the SQL Server instance name for each component monitor in the SQL Server 2005-2008 application template to suite their database server environment will greatly appreciate this enhancement. This new multi-edit feature works much as you might expect. Simply select two or more component monitors of a similar type and click the Multi-Edit button from the top action menu bar.


All common properties for the selected component monitor type are then presented. The values of these properties can be overridden by clicking the checkbox next to the property you want changed across all selected component monitors. In the screenshot above I'm changing the default SNMP port for the Java Application Server template to '1161' because '161' is already in use by the operating systems SNMP daemon.


We'd love to hear your feedback on these new features after playing with them in your own environment. So If you'd like to take the latest SAM beta out for a test drive and kick the tires you can signup here.

Filter Blog

By date: By tag:

SolarWinds uses cookies on its websites to make your online experience easier and better. By using our website, you consent to our use of cookies. For more information on cookies, see our cookie policy.