FrameFlow Company Blog

10 03, 2015

Patch Tuesday for March 2015

Mar 10, 2015|Patch Tuesday, Server Security and Patching|

It’s Patch Tuesday again for all Windows sysadmins and this month’s delivery includes more fixes than usual.

Microsoft’s security bulletin lists 14 individual fixes including a fix for the recently discovered “FREAK” vulnerability. Of the fourteen fixes, 5 of them are rated Critical and the rest are Important.

Also included are fixes for issues […]

6 03, 2015

“FREAK” Vulnerability (CVE20150204): Pretty Much All Systems are Exposed

Mar 6, 2015|Server Monitoring, Server Security and Patching|

CC Image courtesy of Joseph Novak (Flickr: Keys, USS Bowfin) [CC-BY-2.0 via Wikimedia Commons]

“FREAK” Vulnerability (CVE2015-0204): Pretty Much All Systems are Exposed

The list of flaws in trusted security algorithms has grown again with the recent announcement of the “FREAK” (Factoring Attack on RSA-EXPORT Keys) vulnerability also known as CVE-2015-0204.

First reports confirmed that many OpenSSL implementations contained the flaw and today Microsoft issued Security Advisory 3046015 confirming that all versions of Windows are vulnerable.

Where Did The Freak Vulnerability (CVE2015-0204) Come From?

The details of the vulnerability are alarming and largely due to flawed federal policies on encryption dating back to the 1990s. Around that time products like PGP (Pretty Good Privacy) were starting to see wider distribution and the U.S. officials responded by passing laws to control the export of any product that included high grade encryption. It was a futile effort and the battle was eventually won by crusaders such as Phil Zimmerman.

Some would even say there is a darker side to government efforts on the control and distribution of encryption technology:

[Read More…]

12 02, 2015

Techniques for Fast and Efficient Server Monitoring

Feb 12, 2015|Server Monitoring, Tips and Techniques|

CC Image courtesy of jakeliefer (Flickr: Old Keys) [CC-BY-2.0 via Wikimedia Commons]

Techniques for Fast and Efficient Server Monitoring

FrameFlow is highly customizable and offers a wide variety of monitoring options. We’ve designed it that way on purpose to give you the flexibility to build out your monitoring configuration in a way that best suits your work environment, practices and policies.

Authentication Methods

There’s one area where first time users often have questions and that’s when it comes to authentication. FrameFlow is an agentless monitoring system, which means we don’t install anything on the systems being monitored. Instead we use standard protocols to reach out to the monitored machines and collect the data we need. To do that we need to authenticate to the machines being monitored. This is a good thing because it means that FrameFlow plays by the rules when it comes to your network security polices rather than wildly opening ports to reveal monitoring data like some agent-based systems do.

[Read More…]

13 01, 2015

First Patch Tuesday for January 2015

Jan 13, 2015|Patch Tuesday, Server Monitoring, Server Security and Patching, Uncategorized|

    Photo By Jason Scott - Flickr: IMG_9976 - CC-BY-2.0 via Wikimedia Commons

    January 2015 – 1 Critical and 7 Important Fixes

    The first Patch Tuesday for 2015 has been released and Windows sysadmins will be busy updating as usual.

    This release includes 8 fixes with 1 listed as Critical and 7 more listed as Important. It’s always vital to make sure your systems are fully patched but Windows admins may feel some comfort knowing that the only critical issue is one that affects the Windows Telnet Service.

    [Read More…]

7 01, 2015

Are You Monitoring Your Servers for Bugs Like Heartbleed, Shell Shock & Poodle?

Jan 7, 2015|Server Monitoring, Server Security and Patching|

Server Monitoring For Computer & Internet Bugs
Photo By wongo888 (Flickr: Brown Computer Bug) - CC-BY-2.0 via Wikimedia Commons

The internet has been around for more than half a century, going back to the 1960s when the US Department of Defense first awarded contracts for packet network systems. With each passing decade, we saw a greater proliferation of the net into more areas of our lives, transforming our world into a global, knowledge-based civilization; however, one of the big problems with today’s internet technology is the abundance of security bugs, lingering from out-of-date nodes in the net.

[Read More…]

9 12, 2014

POODLE 2.0: Here We Go Again (CVE-2014-8730)

Dec 9, 2014|Server Monitoring|

Photo By Karin Jonsson (Flickr: Poodle) [CC-BY-2.0 via Wikimedia Commons]

Photo By Karin Jonsson (Flickr: Poodle) [CC-BY-2.0 via Wikimedia Commons

POODLE 2.0: Here We Go Again

It was just a bit more than an month ago when the POODLE vulnerability in SSLv3 was discovered and sent sysadmins around the world scrambling.

You might remember that the original POODLE vulernability affected SSLv3, an older protocol that has been largely replaced by the TLS protocol. Since SSLv3 was only available on many systems as a measure to support very old web browsers, it was no big deal to disable it and thereby remove the vulnerabilty.

But today news is spreading that some TLS implementations can be vulnerable too and that as many as 10% of all web sites maybe affected. This new vulnerability has been labeled CVE-2014-8730 and it’s much more serious that the original POODLE.

It’s time to scramble again.

[Read More…]

19 11, 2014

Server Monitoring for KB3011780 (MS14-068) Patch – 5 Easy Steps

Nov 19, 2014|Server Monitoring, Tips and Techniques|

Microsoft has issued a patch for a serious vulnerability that hits domain controllers the hardest. KB3011780 describes the issue while the security bulletin MS14-068 provides more technical details.

The vulnerability allows a user with restricted permissions to escalate to domain administrator privileges and Microsoft reports that attacks have been seen in the wild. Microsoft has officially stated that "the only way a domain compromise can be remediated with a high level of certainty is a complete rebuild of the domain," so it's critical that all Windows admins apply this patch immediately.

Microsoft recommends first patching domain controllers running Windows Server 2008 R2 or earlier. Next, patch your Windows Server 2012 and later domain controllers. Finally, patch all of your regular systems to ensure complete safety.

Use the following step-by-step instructions showing how to configure FrameFlow Server Monitor to make sure your systems have been patched:

[Read More...]

17 11, 2014

Windows 10 Server Edition Technical Preview Pros & Cons

Nov 17, 2014|Server Monitoring|

Windows 10 Server

Windows Server Technical Preview

With each new Windows release the desktop edition gets a lot of press coverage but what about the server editions? Let’s take a look at the server edition that was released along with the Windows 10 Technical Preview.

What Will the New Windows Server Edition be Called?

First, let’s talk about the name. At this time it’s not clear whether the new version will be called “Windows 10 Server,” or “Windows Server 2015,” or possibly something else. Microsoft currently uses the generic “Windows Server Technical Preview” which doesn’t give anything away. While we now have a confirmed name for the desktop edition, those of us on the server side of things will have to wait a bit longer.

[Read More…]

29 10, 2014

POODLE Patch Post: Monitoring IIS Patches for CVE­-2014­-3566

Oct 29, 2014|Server Monitoring, Tips and Techniques|

Photo By Karin Jonsson (Flickr: Poodle) [CC-BY-2.0 via Wikimedia Commons]

Photo By Karin Jonsson (Flickr: Poodle) [CC-BY-2.0 via Wikimedia Commons

Anyone running web sites on IIS with SSL support should have already rolled out patches for CVE­-2014­-3566, the vulnerability in SSL v3 which has been labeled POODLE.

What is the POODLE Bug?

Google researchers have found a severe flaw in an obsolete but still used encryption software, which could be exploited to steal sensitive data… The POODLE attack can force a connection to “fallback” to SSL 3.0, where it is then possible to steal cookies. Computerworld

FrameFlow Server Monitor Can Verify POODLE Patch Installation

Did you know that you can use FrameFlow Server Monitor to verify that the patch has been installed on all your systems?
[Read More…]

29 09, 2014

Windows 9? No, 10! What To Expect Tomorrow

Sep 29, 2014|Announcements, Server Monitoring|

Update: Windows 9 is dead. Long live Windows 10! Microsoft fooled everyone by skipping to Windows 10. There’s a preview build available already and stay tuned for our initial observations. So far all we can say is that we’re happy to have the Start Menu back.


14 08, 2014

FrameFlow v7.0.5 Released – Code Name “Lighthouse”

Aug 14, 2014|Announcements, Updates and New Releases|


Photo By Kate Wellington (Flickr: Swallowtail and Ferry) [CC-BY-2.0 via Wikimedia Commons

We are very happy to announce that FrameFlow v7.0.5 is now available for download!

This release includes a number […]

17 07, 2014

FrameFlow v7.0.4 Released – Code Name “Pool”

Jul 17, 2014|Uncategorized|

We are very happy to announce that FrameFlow v7.0.4 has been released. This release extends our IIS Event Monitor, adding options to monitor application pools and sites. Now you can get alerts when sites or pools are down so that you can take quick corrective action to get your sites going again. Also new [...]
27 06, 2014

Effective Database Server Performance Monitoring Tips

Jun 27, 2014|Server Monitoring, Tips and Techniques|

CC Image courtesy of Buster Benson on Flickr


Databases like SQL Server, MySQL and Oracle are the workhorses of IT operations. They are the reliable back-end for applications, services, web sites and many other kinds of systems so […]

6 06, 2014

FrameFlow v7.0.3 Released – Code Name “Wrench”

Jun 6, 2014|Announcements, Updates and New Releases|

Photo By Kyle May (Flickr: Wrench Red) [CC-BY-2.0 via Wikimedia Commons

Photo By Kyle May (Flickr: Wrench Red) [CC-BY-2.0 via Wikimedia Commons]

We’re very happy to announce that FrameFlow v7.0.3 has been released. Since this update is almost purely a maintenance update […]

27 05, 2014

FrameFlow v7.0.2 Released – Code Name “Lingo”

May 27, 2014|Announcements, Updates and New Releases|


We’re very happy to announce that FrameFlow v7.0.2 has been released. We chose “Lingo” as the code name for this update because it includes full support for international characters both when running on […]

16 05, 2014

FrameFlow v7.0.1 Released – Code Name “Sweeper”

May 16, 2014|Announcements, Updates and New Releases|


We’re very happy to announce that FrameFlow v7.0.1 has been released. This is a maintenance release that corrects a number of issues that have been reported since the release of v7.0 about a week ago. We fixed problems with graphs […]

14 05, 2014

Five Best Practices for Network and Server Monitoring

May 14, 2014|Tips and Techniques|

Your servers, switches and routers are the core of your operations so of course it’s important to ensure that everything is running smoothly and to get early warning about potential problems. With this set of five best practices you can optimize your server monitoring configuration for easy management, quick adaptation to changing conditions and […]

9 05, 2014

FrameFlow v7.0 Officially Released

May 9, 2014|Announcements, Updates and New Releases|


We’re very pleased to announce that version 7.0 for FrameFlow Server Monitor and FrameFlow Multi-Site Monitor has been released.

This new version includes many features that you guys have been asking for. Some highlights include:

Maintenance Windows: You can define scheduled or one-time maintenance windows […]

21 04, 2014

FrameFlow v7.0 Beta 2 Released

Apr 21, 2014|Announcements, Updates and New Releases|


FrameFlow v7.0 Beta 2

We’re very happy to announce that the second beta release for FrameFlow Server Monitor and FrameFlow Multi-Site Monitor is now available for download.  As with beta 1 this release is available for all licensed users or by invitation for evaluation users.

Updates Since Beta 1

We’ve made […]

15 04, 2014

Version 7.0 Status Update

Apr 15, 2014|Announcements, Updates and New Releases|

Version 7.0 Status Update

As you probably saw, Beta 1 of FrameFlow v7.0 was released at the beginning of the month.  Since then we’ve had a ton of feedback and we’ve been making further updates and fixes.

Beta 2 is almost ready for release and you’ll see a number of changes in it.  First, we’ve made […]