18 mins

Claris Support

Running FileMaker Server in a Docker container for Ubuntu 20.04

Source: https://support.claris.com/s/article/Running-FileMaker-Server-in-a-Docker-container-for-Ubuntu-20-04?language=en_US Claris Engineering Blog August 1, 2022 Updates: This engineering blog describes why you might want to use Claris FileMaker Server with Docker and how to set up a Docker image containing FileMaker Server. You can set up FileMaker Server in a Docker container as a primary or secondary machine to deploy your database.

17 mins

Dimitris Kokoutsidis

Exploring the New FileMaker Server 2024 Version 21.1

A Comprehensive Guide to Enhancements and Key Features Dimitris Kokoutsidis, Nov 9, 2024, CyberFM Table of Contents Introduction To top Claris has once again expanded the functionality and reliability of its flagship database server with the release of FileMaker Server 2024 Version 21.1. This latest release is packed with new capabilities aimed at enhancing network

22 mins

Dimitris Kokoutsidis

What You Could Capture Using Wireshark on an Unencrypted FileMaker Server Network

Without SSL/TLS encryption in place on a FileMaker Server, someone with Wireshark or another network packet analyzer installed on the local network could potentially capture and view unencrypted traffic, including sensitive data. Here’s a detailed explanation of what you, or anyone with the right access, could observe and why this is a significant security risk:

6 mins

Dimitris Kokoutsidis

Claris FileMaker Vulnerabilities

Source: https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=FileMaker There are 16 CVE Records that match FileMaker in MITRE database. There is another CVE for 2024, CVE-2024-23202, as mentioned in https://cyberfm.eu/fms-privilege-escalation/ and https://fm-security.com/posts/priv_esc/ that is not published yet. Name Description CVE-2024-27794 Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker

25 mins

Dimitris Kokoutsidis

Monitoring Tools for FileMaker Server

Dimitris Kokoutsidis, Oct 22, 2024, CyberFM Monitoring tools are essential for maintaining the stability, performance, and security of your FileMaker Server. These tools enable developers and administrators to automate tasks, gain insights into server activity, and address issues before they escalate. In this comprehensive guide, we’ll delve into the top monitoring tools available for FileMaker

7 mins

Christian Schmitz

Security tidbits for FileMaker

Essential Security Tips for Protecting Your FileMaker Solutions Source: https://www.mbsplugins.de/archive/2024-10-14/Security_tidbits_for_FileMaker/monkeybreadsoftware_blog_filemaker We talked about various things at the FileMaker conference in Rome and security is a concern for everyone. Especially as scripted attacks got frequently. Rename Admin Have you ever put a FileMaker Server on the internet? You may note that people knowing your address try

21 mins

David Hamann

FileMaker Server Admin Console: Access and Role Restriction Issues

Uncovering Access and Role Restriction Vulnerabilities in the FileMaker Server Admin Console Source: https://davidhamann.de/2024/10/09/fms-bypassing-restrictions/ With a few security features added to the FileMaker Server Admin Console in the last few versions, I decided to play around with them to see how they are implemented. In this article I want to highlight three of the issues

138 mins

Dimitris Kokoutsidis

Securing Plugin Licenses in FileMaker: Addressing Breaches, Legal Implications, and Evolving Security Practices

Dimitris Kokoutsidis, Sept 8, 2024, CyberFM Many FileMaker developers rely on hardcoded license keys for plugin solutions. I have a few questions regarding this approach: Overview of Plugin License Texts Following the blog post, you’ll find the detailed license texts for major FileMaker plugins. This section serves as a guide to understand how each plugin

33 mins

Dimitris Kokoutsidis

How does the EU AI Act affect FileMaker Developers?

Dimitris Kokoutsidis, Sept 7, 2024, CyberFM The EU AI Act is one of the first comprehensive regulatory frameworks designed to address the development and use of artificial intelligence (AI) within the European Union (EU). Its aim is to ensure that AI systems are safe, transparent, and respectful of fundamental rights. Below are the key provisions

12 mins

Dimitris Kokoutsidis

FileMaker IT Auditing Procedure

Dimitris Kokoutsidis, Sept 26, 2024, CyberFM 1. Audit Overview Objective:The goal of an audit is to ensure the reliability, security, and operational effectiveness of the FileMaker solution. The audit process involves identifying potential points of failure or security risks in the system and addressing them proactively. Process: Documentation Tips:Maintain both physical and digital copies of

1 mins

Alexey Dubov

FMS, privilege escalation

CVE macOS, Windows, Ubuntu FileMaker Server CVE-2024-23202 Source: https://fm-security.com/posts/priv_esc/ I have identified a privilege escalation vulnerability in FileMaker Server for all platforms (macOS, Windows, Ubuntu) This vulnerability allows an attacker, that has the most limited access to a remote database, hosted on FileMaker Server, to get full access privileges, with access to all data from all tables

18 mins

Alexey Dubov

FMS, bypass authorisation

Bypass authorization of FileMaker Server or “there is no such category” Source: https://fm-security.com/posts/bypass_auth/ CVE FileMaker Server CVE-2024-27790 Menu Introduction In the summer of 2023, I decided to investigate the internal communication protocol between FileMaker clients and the server. This led to the discovery of perhaps the most significant vulnerability in the platform’s history. I discovered that it

16 mins

Dirk Schittko

FileMaker Under Linux

Dirk Schittko, Oct 1, 2024, FileMaker Konferenz 2024 Menu At FMK 2024, Dirk Schittko delivered an insightful talk on the intricacies of setting up and managing FileMaker Server on Linux, particularly on Ubuntu. FileMaker Server, traditionally a Windows or macOS application, has found a new home in Linux, offering increased performance, cost savings, and reliability

22 mins

Claus Lavendt

The Missing Admin Tool for FileMaker Server with Claus Lavendt

Claus Lavendt, FileMaker Training Videos – Aug 14, 2024 FileMaker Server is an essential component for hosting FileMaker databases, but its built-in administrative tools often leave much to be desired, particularly for users managing large deployments or needing fine-grained control. Enter Claus Lavendt’s Missing Admin Tool, a robust, free, and open-source solution that fills the

27 mins

Richard Carlton

Long Distance Upgrades in FileMaker

Richard Carlton, Jul 30, 2024, FileMaker Training Videos Menu Introduction to FileMaker Upgrades To top Upgrading FileMaker to its latest version is a decision that many organizations delay, often due to concerns about cost, downtime, or compatibility. However, running an outdated version of FileMaker comes with several risks, including slower performance, security vulnerabilities, and compatibility