This is a mirror of official site: http://jasper-net.blogspot.com/

tariq

| Friday, June 18, 2010
A Hybrid Port Knocking System,
Some History:
The port knocking concept has been around for a while, and there are many different port knocking implementations. In computer networking, Port Knocking is a method of externally opening ports on a firewall by generating a connection attempt on a set of pre-specified closed ports. Once a correct sequence of connection attempts is received, the firewall rules are dynamically modified to allow the host which sent the connection attempts to connect over specific port(s).

Originally, this was simply conceived as a series of connection attempts to closed ports in a specific order. The “knocks” are for example, are a client attempt to connect to ports 10001, 22022, 4444, or any other ports. The Port Knocking server checks the sequence of incoming packets, if they are in the correct order that the client and server have agreed on, the Port Knocking server informs the firewall to open port 22 (SSH) to the client requesting the service.

The problem today in the world full of security threats, it should be assumed that all traffic is monitored by an unknown third party as it travels across a network. Doggedly adhering to this viewpoint provides us with the fact that our knock sequence can be passively observed by an eavesdropping person in the middle of our connection and just replay the knock sequence to get the same response from the server (open port or perform a task). This problem is called “TCP Replay Attack”. So we had to find a solution were the knock sequence is not re-playable.

Tariq Overview:
Tariq is a new hybrid port-knocking technique, that uses Cryptography, Steganography, and Mutual Authentication to develop another security layer in front of any service that needs to be accessed from different locations around the globe. Tariq was developed using python and scapy to fulfil my Ph.D. Research. We had to use a new methodology that can communicate in an unseen manner, making TCP Replay Attacks hard to be issued against Tariq. We also wanted the implementation to listen to no ports, or bind itself to no socket for packets exchange, so that Tariq won't be exposed himself to a remote exploit. Tariq relies completely on Packet Crafting, as all packets sent and received are crafted to suite our needs. In our Port Knocking implementation, we don't want:

Coding in an an unsafe language. This should be a very small application, and the performance requirements should be minimal.
Running the application in the kernel.
The service bind to a port, making it exposed to public.
To use UDP protocol.
The system to just open/close ports.
The system to authenticate from the server side only.
The system to send requests to the server in clear text.

Read more: Google code

Posted via email from .NET Info

Changing The SSH Port Without Changing It

|
For years, on security forums and mailing lists, if you ever dared to suggest changing SSH’s default port (TCP 22) the “security by obscurity” crowd would come out of the woodwork and nail your ass to the Cross of Righteousness for having the unmitigated gall to even dare utter such heretical nonsense.

Unfortunately for these dogmatic True Believers, changing the ssh daemon’s default listening port is such an incredibly effective method for avoiding ssh scans and brute force password attacks that it’s starting to show up in HOWTO security articles as a method for hardening your system.

For example, see this article at Linux Magazine.

But the Port 22 Crowd will not leave well enough alone.  Although they haven’t abandoned the “security by obscurity” mantra completely, they’re now using the following argument with increasing frequency:

NEVER CHANGE YOUR SSH PORT! If an exploit comes out that can crash SSH locally, a local unprivileged user on your system could crash SSH and start their own daemon on the SSH port > 1024 and capture your usernames and passwords. If you want SSH on a different port, do this with firewall rules.
Note that ALL CAPS is required when raising this alarm.

Also note that if you require users to connect with SSH in the first place, it’s not going to do them a helluva lot of good to crash SSH.  If you have users who actually sit down at the keyboard of the physical system, that’s another problem entirely.  Why bother with crashing SSH when they can slip a bootable CD into the tray and bounce the box?

Read more: Hinky's Proxy obesession

Posted via email from .NET Info

Mr. Hinky Dink's PoTTY

|
Mr. Hinky Dink's PoTTY implements Bruce Leidl's obfuscated-openssh patch for the most popular Windows SSH client, Simon Tatham's PuTTY. PoTTY obfuscates the initial key exchange handshake to prevent detection by deep-packet inspection firewalls and intrusion detection/prevention systems (IDS/IPS). For a desrciption of the obfuscation process, read this. To leverage obfuscation, PoTTY requires, but does not supply, an obfuscated-openssh server to connect to. PoTTY also supports non-obfuscated OpenSSH servers.

Read more: PoTTY

Posted via email from .NET Info

Obfuscated OpenSSH

|
Handshake Obfuscation
---------------------

Handshake obfuscation strengthens the initial SSH handshake against systems that identify or classify various network protocols by examining data in transit for static signatures.  Such automatic classification of traffic is often used to provide different levels of network service for each protocol and sometimes used to implement policies which prohibit certain uses of a network.

When an SSH connection is initiated, the client and server exchange several packets to configure the cryptographic parameters for the session.  Since the encryption algorithms and keys have not yet been determined, this exchange of messages is not encrypted and is vulnerable to analysis which can conclusively identify the connection as SSH protocol traffic no matter what port the server is listening on.  For most users this is of no concern, because merely being able to identify a connection as an SSH session does not introduce any security vulnerabilities in the protocol itself.

Some users may have special security needs where they would prefer not to disclose that they are using the SSH protocol to somebody who may be monitoring
the network.  Handshake obfuscation prevents automatic identification of SSH protocol traffic by encrypting the entire handshake with a stream cipher, and
is designed to make it difficult to implement an automated analysis tool even understanding how the obfuscation protocol works.

The obfuscation encryption key is generated in a way which is deliberately slow to make it difficult to implement on the type of high performance network hardware which is usually used for classifying protocol traffic.  Additionally an option is provided for the client and server to share a 'keyword' which is a simple kind of password that is used only for securing the handshake.  No connection can be initiated to a server which has keyword obfuscation enabled without knowing the keyword, and the obfuscation keyword is used to derive the keys that encrypt the handshake in order prevent decrypting the handshake traffic without knowing the keyword.

Read more: Github

Posted via email from .NET Info

raw2vmdk - Mount raw images as VMDK virtual disks

|
raw2vmdk is an OS independent Java utility that allows you to mount raw disk images, like images created by "dd", using VMware, VirtualBox or any other virtualization platform supporting the VMDK disk format.

Read more: raw2vmdk
Read more: SourceForge

Posted via email from .NET Info

MSDN Magazine June 2010

| Thursday, June 17, 2010
ff727949.cover_0610_lrg(en-us,MSDN.10).png

Cloud Diagnostics: Take Control of Logging and Tracing in Windows Azure
It’s difficult to troubleshoot any application without a trail of clues to follow, and cloud apps are no different. We look at how logging and tracing are enabled for Windows Azure, and how you can use Windows PowerShell to manage diagnostics for a running service.
Mike Kelly

Input Validation: Enforcing Complex Business Data Rules with WPF
Windows Presentation Foundation has a rich data binding system that includes flexible support for business data validation. We take a look at implementing some complex data input validation scenarios that include customized data errors for users.
Brian Noyes


Express Yourself: Encoding Videos Using Microsoft Expression Encoder 3 SDK
Video on the Web involves huge amounts of data. Learn the best way to manage and move that data with the help of Microsoft Expression Encoder 3.
Adam Miller

Silverlight Online: Silverlight in an Occasionally Connected World
We discuss the latest incarnation of occasionally connected Silverlight applications, which come with a highly interactive user experience and can run either inside or outside of a browser.
Mark Bloodworth and Dave Brown
(more...)

Read more: MSDN Magazine June 2010

Posted via email from .NET Info

Difference Between GETDATE and SYSDATETIME

|
Sometime something so simple skips our mind. I never knew the difference between GETDATE and SYSDATETIME. I just ran simple query as following and realized the difference.

SELECT GETDATE() fn_GetDate, SYSDATETIME() fn_SysDateTime

In case of GETDATE the precision is till miliseconds and in case of SYSDATETIME the precision is till nanoseconds.

Read more: Journey to SQL Authority with Pinal Dave

Posted via email from .NET Info

DEJAVU FONTS FÜR VISUAL STUDIO 2010 NUTZEN

|
For Visual Studio, I've always Inconsolata If you install the font and worked with it. For a black background of this font is great, but on white, he just looks washed out too. So I looked around for another developer fonts and am in the process become aware of DejaVu.

2451.shot2_5F00_thumb_5F00_3BDE2232.png

Posted via email from .NET Info

Hotfix: Hyper-V backup can cause slow system boot / large registry files

|
A while ago I made an open offer to people to contact me if they had experienced issues using Hyper-V backup.  A number of you contacted me with reports of large registry files in the parent partition – that would slow down system boot over time.

Well, after a lot of investigation we have figured out the cause and a hotfix is now available.  You can download it from here: http://support.microsoft.com/kb/982210

I recommend that if you are using backup regularly on Hyper-V that you install this hotfix.Note – that despite the title of the KB article, this fix applies to Windows Server 2008 R2 (not Windows Server 2008).

So what was the cause of the problem?

Read more: Virtual PC Guy's Blog

Posted via email from .NET Info

Deep-protocol analysis of UNIX networks

|
Introduction

Networks have become so ubiquitous that in many cases we take the use of the network to communicate with different machines, inside and outside of our network, for granted. Most of the time this isn't an issue, but there are times when you need to take a closer look at your network and find out what is going on.
There are a number of reasons to take a closer look at the contents of the network traffic. The first is that you may simply be debugging an existing network application or one you are developing, and want to monitor the traffic going past on your network. The second reason is to identify traffic on your network that may be using up bandwidth and resources. For the former, you probably already know the contents of the protocol, but you may want to get a more detailed look at the actual data being transferred, for example, when using web services. For the latter, identifying the contents of the packets requires some extensive knowledge of the protocols being used.
With both TCP/IP and UDP/IP communications, the key elements are the IP addresses used to identify the hosts and the port number. The port number is used to provide additional communication channels so that you can support multiple connections between two hosts. There are some standards in the port definitions. For example, port 25 is for email (SMTP) traffic, and most websites operate on port 80 (HTTP). These conventions are used to allow programs to communicate with each other over a known channel in the same way as you would choose a phone or fax number.
While these conventions exist, there is no limit or restriction on what ports you use. In fact, in many cases, subversive network applications and some security methods will deliberately use non-standard ports. For example, some will hide content by misusing a standard port with a different protocol, like using HTTP over port 25. Other examples include using a different port from the standard so that it is not obvious which port is being used for the traffic (like using port 99 for HTTP), or by encapsulating specific protocol traffic within another protocol. This last method is actually the one used by network tunneling and virtual private networks (VPNs).
Regardless of the reasons or complexities of the network traffic, the first step is always to start recording the data.

Recording raw data

There are a number of different tools available if you want to record the raw network data so that you can examine the information yourself. Most of the network sniffers will also decode and decipher specific packet contents, which will help you when you want to study the content of a recognized protocol.
Under Solaris you can use the snoop tool, or under AIX the iptrace tool. You can also try the cross-platform tcpdump tool, which is supported on most UNIX and Linux operating systems. These provide a combination of both capturing and decoding content for you, often performing the bulk of the protocol analysis process for you. Note that with modern switches the Ethernet packets are not echoed to every port, which often limits the information you can extract to the current host. Many modern switches provide a management port that often carries a copy of all packets for exactly this type of monitoring.
The primary complexity behind decoding network transmission is the levels of information that are provided within the network packets. In addition, much of this information is also sent encoded in binary format, and capturing pure raw packets off of the network requires a significant amount of work to pick out the data that you need. By using a tool that provides some of the processing, you can simplify the process of decoding network data.

Read more: IBM

Posted via email from .NET Info

What does the PRE in PREfast stand for?

|
Commenter Jeff asks what the PRE in PREfast stands for.

It's an inside joke.

The Microsoft Programmer Productivity Research Center (MSPPRC) originally produced a tool called PREfix. Michael Howard put me in touch with the development team, and they explained that it was called PREfix because it helps you fix your bugs before (PRE) you even run the code.

The problem with PREfix was that it required monster hardware, and even if you got the hardware up and running, the results took days to generate, and tuning the program's parameters required intricate knowledge of its inner workings. In other words, it was something only a researcher would love.

When they started sharing the tool with the product groups, the response was as you might expect: "This is great stuff you guys have here, but it's kind of impractical to expect everybody to have hundreds of thousands of dollars of hardware and a Ph.D. in order to run it."

The solution was a lightweight version of PREfix, which was named PREfast because it was a fast version of PREfix. It didn't do as thorough a job, but it didn't require monster hardware and could be understood by people who didn't have a brain the size of a planet.

Read more: The old new thing

Posted via email from .NET Info

Installing and Running Google Go on Mac OS X

|
A while ago Google gave us a brand new language, Go. In the last couple of years I really haven't heard much about it, but I decided to finally install it and give it a try. This tutorial will guide you step-by-step on how to install Google Go and start writing your own applications.

Go's website has very good instructions on how to install it, and this tutorial will take many steps directly from there. Their website has instructions for all the major platforms, however this article will be specific to Mac OS X running on a 64 bit Intel processor.

Google does not distribute the binaries, which means you'll have to build it for your own platform.

Setup Environment Variables

When you build Go, the compiler is going to need to know a few things.

export GOROOT=$HOME/go
export GOARCH=amd64
export GOOS=darwin
export GOBIN=$HOME/go/bin

$GOROOT is the path to where you'll download the Google Go source code. I left mine where Google suggested, which is $HOME/go (/Users/[username]/go).

Read more: Switch on code

Posted via email from .NET Info

Learned Today: Joining with Hibernate

|
Hibernate (and NHibernate) is able to do a lot of different kind of joins. Unfortunately it can not do outer joins on properties that are not mapped as associations. My goal was to get the result of the following SQL-query with an outer join:

SELECT e.Name, d.Status, count(*) 

FROM event e
LEFT OUTER JOIN delivery d on e.Id = d.EventId
GROUP BY e.Name, d.Status

I hoped to realize the above query with Hibernate in HQL. Actually you can do joins between entities where no association is mapped:

SELECT new ReportDto(e.Name, d.Status, count(d))
FROM Delivery d, StatisticalEvent e where d.EventId = e.Id
GROUP BY d.EventId, e.Name, d.Status

... unfortunately this is an inner join.

You can do outer joins with Hibernate:
SELECT new ReportDto(e.Name, d.Status, count(d))
FROM Delivery d right outer join d.Event e
GROUP BY e.Name, d.Status

... unfortunately you have to have mapped the association between the two entities, since you have to feed a path to the join expression.

Read more: CLOSED-LOOP

Posted via email from .NET Info

5 things you didn't know about ... JARs

|
For most Java developers, JAR files and their specialized cousins, WARs and EARs, are simply the end result of a long Ant or Maven process. It's standard procedure to copy the JAR to the right place on the server (or, more rarely, the user's machine) and forget about it.
Actually, JARs can do more than store source code, but you have to know what else is possible, and how to ask for it. The tips in this installment of the 5 things series will show you how to make the most of Java Archive files (and in some cases WARs and EARs, too), especially at deployment time.
Because so many Java developers use Spring (and because the Spring framework presents some particular challenges to our traditional use of JARs), several of the tips specifically address JARs in Spring applications.

I'll start out with a quick example of a standard Java Archive file procedure, which will serve as a foundation for the tips that follow.
Put it in a JAR
Normally, you build a JAR file after your code source has been compiled, collecting the Java code (which has been segregated by package) into a single collection via either the jar command-line utility, or more commonly, the Ant jar task. The process is straightforward enough that I won't demonstrate it here, though later in the article we'll return to the topic of how JARs are constructed. For now, we just need to archive Hello, a stand-alone console utility that does the incredibly useful task of printing a message to the console, shown in Listing 1:

Listing 1. Archiving the console utility
package com.tedneward.jars;

public class Hello
{
   public static void main(String[] args)
   {
       System.out.println("Howdy!");
   }
}

The Hello utility isn't much, but it's a useful scaffold for exploring JAR files, starting with executing the code.

1. JARs are executable

Languages like .NET and C++ have historically had the advantage of being OS-friendly, in that simply referencing their name at the command-line (helloWorld.exe) or double-clicking their icon in the GUI shell would launch the application. In Java programming, however, a launcher application — java — bootstraps the JVM into the process, and we have to pass a command-line argument (com.tedneward.Hello) indicating the class whose main() method we want to launch.
These additional steps make it harder to create user-friendly applications in Java. Not only does the end user have to type all of these elements at the command-line, which many end users would rather avoid, but chances are good that he or she will somehow fat-finger it and get an obscure error back.

Read more: IBM

Posted via email from .NET Info

Inside Kinect

|
kinect2.png

Microsoft has renamed project Natal, its new game interface, as Kinect - and don't you think that most of Microsoft's code names are better than the final moniker that they adopt for the finished , or nearly finished, thing.
While there is a lot of over-hyped and staged excitement about the new human interface it is interesting to know that the same technology is already generally available.
It seems that Natal/Kinect is the next step down the gestural interface road but notice that this step is mainly soft rather than hard. The new Kinect XBOX 360 add on is mainly an innovation in software.

It is a box with some cameras that makes use of IR illumination to obtain depth data, color images and sound. The IR is used as a distance ranging device much in the same way a camera autofocus works. It is claimed that the system can measure distance with a 1cm accuracy at 2m and has a resolution of 3mm at 2m. The depth image is also 640x480 i.e. standard VGA resolution. The color image is 1600x1200.
A custom chip processes the data to provide a depth field that is correlated with the color image. That is the software can match each pixel with its approximate depth. The preprocessed data is fed to the machine via a USB interface in the form of a depth field map and a color image.

Read more: I Programmer

Posted via email from .NET Info

Popular .NET Web Content Management Systems (CMS) - Open Source

|
As wikipedia defines it - “A web content management (WCM) system is a CMS designed to simplify the publication of web content to web sites and mobile devices, in particular, allowing content creators to submit content without requiring technical knowledge of HTML or the uploading of files”

Here are some good Open Source ASP.NET Web CMS that are popular in the community. You can Bookmark this link for future use


N2 CMS - N2 is a lightweight CMS framework to help you build great web sites that anyone can update. Using it's interface is intuitive and empowering. It is based on an object model with separation between view templates, content model and database and integrates well with the ASP.NET and ASP.NET MVC 2 paradigm.

DotNetNuke Community Edition - DotNetNuke, also known as DNN, is the ideal platform for building professional websites with dynamic content and interactive features. It is the most widely adopted Web Content Management Platform for building web sites and web applications on Microsoft .NET.

mojoPortal - mojoPortal is an extensible cross platform, cross database, content management system (CMS) and web application framework
(more...)

Read more: Devcurry

Posted via email from .NET Info

Creating a Shuffleboard Game using Silverlight

|
Introduction

In this walkthrough, we will create a table shuffleboard style game for Windows Phone 7 using Silverlight. Many bars feature these long wooden table games, in which players slide metal pucks down the length of the table, attempting to get as close as possible to the far end without sliding off the edge.

Multi-Targeting

Windows Phone 7 uses a version of Silverlight 3 with a few bonus features. Because this version of Silverlight is so close to the Web version of Silverlight 3, we’ll take the approach of Multitargeting a solution for both platforms. To do so, start with a Silverlight 3 (web) application template, and then add in a Windows Phone project with linked files that re-use the Silverlight 3 solution. This allows us to deploy to many different platforms using the same code base.

Let’s get started by creating our Solution in this way.

Creating the Solution and MainPage

In Expression Blend 4, create a new Silverlight Application + Website template named Shuffleboard. Be sure to select “3.0” from the Version dropdown, as this is what is supported by Windows Phone (in a little bit we’ll add in the Windows Phone project template as well).

3731.image_5F00_thumb_5F00_2599C077.png

Read more: Coding4fun

Posted via email from .NET Info

תמיכה ב WindowsService בזמן פיתוח

|
בעבודה עם WindowsService קיימת אי נוחות בסביבת הפיתוח.

אי אפשר סתם כך להריץ אותו ב VisualStudio (לא ניתן ללחוץ F5 ולהריץ).
יש צורך להוסיף שורה שטוענת את ה Debugger , זו שורה שנוספת לקוד על כל המשתמע מכך, ויש גם לדאוג שלא תופיע בסביבת Realese.
לא ניתן להדפיס הודעות ל Console
סדרת פוסטים זו , נועדה כדי לפתור בעיות אלו.

הרצת ה Service כ Console בזמן debug.

כדי להריץ את ה Service בלחיצת F5 (או סתם כך משורת הפקודה) , יש ליצור הבחנה בין הסביבה בה רצה האפליקציה כ Service לבין הסביבה בה רצה האפליקציה שלא כ Service.

הפתרון הפשוט הוא, לבצע אבחנה האם למשתמש יש אינטראקציה עם שלחן העבודה. למי אין? ל WindowsService (אלא אם כן הוגדר אחרת – ולזה ניתן פתרון אחר).

בעת עליית המערכת נבדוק:
if (Environment.UserInteractive())
בדיקה זו תספק כמעט את כל הפתרון, וכך נוכל לבדל בין שתי סביבות ההרצה.

if (Environment.UserInteractive)
{
RunServiceInConsole();
}
else
{
RunAsWindowsService();
}

המתודה RunAsWindowsService תספק את המימוש הרגיל

       private static void RunService()
       {
           ServiceBase.Run(new[] { new MyService() });
       }

Read more: Yitzhak Gootvilig's Blog

Posted via email from .NET Info

Hibernate 3 Annotations Tutorial

|
This tutorial will walk through how to implement a hello world project using Hibernate Annotations and MySQL database.

Requirements

Download and unzip Hibernate Core distribution from the Hibernate website. Hibernate 3.5 and onward contains Hibernate Annotations.
Starting with version 3.5 (currently trunk), Annotations and EntityManager have been merged back into the Hibernate Core codebase as invidual modules.  We will also begin bundling Envers at the same time.  This will significantly help simplify compatibility guidelines.

Download SLF4 lib as well.
Download the database connector. In this example, I’m using MySQL database.

Configuration

First, set up your classpath:

Copy hibernate3.jar and the required 3rd party libraries available in lib/required.
Copy lib/jpa/hibernate-jpa-2.0-api-1.0.0.Final.jar to your classpath as well.
Also copy slf4j-simple-1.5.8.jar from SLF4 (I’ve got an exception without this lbi in my classpath)

Read more: DZone

Posted via email from .NET Info

IIS Network Diagnostic Tools

|
When troubleshooting network problems it helps to be able to run ping and traceroute ( tracert ) commands from remote servers. There is number of such public servers available on http://www.traceroute.org.

If you need to run such server yourself on Microsoft IIS, you face a hard time, thought. I was unable to find decent, modern and free implementation of web ping and trace. So I wrote one myself.
Live demo (US server)
Live demo (CZ server)

How it works

IIS Network Diagnostic Tools is set of three HTTP handlers written in .NET: one cares for the ping command, second for the traceroute and third displays simple user friendly HTML form to use them both. Above these handlers stands one handler factory, which switches them according to requested operations.

Therefore you are able to register single handler (the factory) using single DLL and you are all set.

Installation

Copy the Altairis.IisNetDiag.dll assembly to bin folder fo your web site.
Add reference to the Altairis.IisNetDiag.ToolsHandlerFactory class in handler section. You may use any path name for registration, default and recommended is IisNetDiag.axd . Example for registration for both IIS 6.0 (Windows 2003 and below) and 7.x (Windows 2008 and above) can be found in web.config file in this folder.
That's all. Visit the address of the handler (like http://www.example.com/IisNetDiag.axd ) and you'll see the form.

Read more: Codeplex

Posted via email from .NET Info

Working with devices

|
I talked to several folks at Tech Ed who wanted to know if it was possible to work with devices and do something like an uninstall/reinstall using a Troubleshooting Pack.  Yes, you absolutely can!  In fact, there are two ways you can accomplish this, so I’ll show you both.

Method 1: Reuse the Windows “Devices” Troubleshooting Pack
This is definitely the method I’d recommend.  It doesn’t take a lot of effort and you can get really good results.  Windows 7 includes a great devices troubleshooter that can do much more than just uninstall and reinstall devices, and you’ll get all that extra goodness for free!  Since it’s included with Windows 7 you know it’ll be there.  All we need to do is tap into that workflow; let’s look at how you can do that.

If you don’t know which device is having problems you can just launch the device troubleshooter and it’ll try to figure it out.  Launching this Troubleshooting Pack from the command line is simple, just type the following command.  This is identical to launching the Troubleshooting Pack from the Troubleshooting Control Panel.

msdt.exe /id DeviceDiagnostic /skip true

If there is a specific device that’s causing you problems you can pass the PNPDeviceID for that device to the Troubleshooting Pack.  To do this we must change the command line slightly.  We’ve added the “/param” command line argument so we can pass in the specific PNPDeviceID of the problem device.  Obviously, you need to know the PNPDeviceID for the problem device for this to be useful.  This is identical to right-clicking a device in Devices and Printers and selecting Troubleshoot.

msdt.exe /id DeviceDiagnostic /param "IT_SelectDevice=[PNPDeviceID]" /skip true

Example:
msdt.exe /id DeviceDiagnostic /param "IT_SelectDevice=PCI\VEN_8086&DEV_27D8&SUBSYS_380217AA&REV_02\3&21436425&0&D8" /skip true

This is the best approach for general device issues.  It’ll enable devices that have been disabled, search for drivers, and address several other potential problems.

Method 2: Build an Uninstall/Reinstall Troubleshooting Pack
The second way to uninstall and reinstall a device is to build your own Troubleshooting Pack.  This is more work but will give you complete control over the experience.

Read more: Matt Bielman

Posted via email from .NET Info

Quick Tips: using debugger scripts to your advantage - .shell

|
After debugging for quite some time, and looking almost every day at memory dumps you start to think “I really need a command to this, to do that,…” in order to easy on some of the repetitive work and allow you to more quickly focus on the issue itself.
I find debuggers scripts to be a big advantage here, and use them a lot. These are pretty simple to define and use (don´t confuse with debugger extensions. That’s another history). So there are quite a few I keep at hand to ease the pain on some manual work.

The sample I’m going to provide is one of the scripts I use most and allows you to understand what needs to be defined and loaded on the debugger.

The purpose on this sample is to find some string on the ouput of a debugger command. Syntax will be

Find “ExecuteCommand” “value_to_find”

The output will all lines that contain value_to_find

First, all you need is notepad. Open notepad and paste the following line

.shell -i - -ci "$param1" FIND /I "$param2"

Save the file as find.txt and place it on a folder.
Next step is to load this script on the debugger. Open windbg.exe and load a memory dump. Below is a sample on how to invoke my script with two parameters and the output that was returned.

Read more: Deviations

Posted via email from .NET Info

MonoDevelop 2.4 released

|
mp-mono-logo.png

Today we are releasing MonoDevelop 2.4, which includes plenty of new features and improvements.

The release highlights are:

  • Workbench usability improvements, which include a new Navigate to Symbol dialog, Solution and Class pad zooming, better pad layout, and many other look & feel improvements.
  • Improvements in project management, with support for standalone assembly projects, and external console support for Windows and Mac.
  • Extensive text editor improvements, including in-line search, better code completion with new completion modes, editing support in block selection mode, and new refactoring operations.
  • In the debugger, support for pinned quick watches, debug value visualizers, improved expression evaluation and a new exceptions dialog.
  • Better support tools, such as a new Hex Editor, integrated T4 Templating and more Code Metrics.
  • For web developers: code completion for C# regions in ASP.NET pages, and support for WCF web references.
  • Improvements in many other add-ins: NUnit, MonoTouch, Vala and Mac OSX support.
  • You will find a more detailed description of what's new in the What's new in MonoDevelop 2.4 page.
  • Binaries and source are available from the MonoDevelop Download page.

The team is on #mono, #monodev and #monodevelop on irc.gnome.org fielding any questions you might have.

Read more: Mono
Read more: Miguel de Icaza's web log

Posted via email from .NET Info

Critical information for people running Windows 2000 and Windows XP SP2!

|
As part of the standard Microsoft Support Lifecycle, Windows 2000 Professional, Windows 2000 Server, and Windows XP Service Pack 2 (SP2) will reach “End of Support” on July 13, 2010.

If you are not familiar with the Microsoft Support Lifecycle web site (which includes the Microsoft Support Lifecycle policy), please check it out. The Microsoft Support Lifecycle (MSL) policy provides transparent and predictable information about the support lifecycle of Microsoft products.
Ever wondered how to know when support for a specific Microsoft product end or changes?  I have this information posted here: “How to know when support ends or changes for your Microsoft product.”
Here’s what you need to know if you are running Windows 2000 Professional, Windows 2000 Server, or Windows XP Service Pack 2 (SP2):

If you are running Windows 2000:

On July 13, 2010, the Extended Support phase for all editions of Windows 2000 Server and Windows 2000 Professional (including Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Datacenter Server, Microsoft Windows 2000 Professional Edition, and, Microsoft Windows 2000 Server) will end. If you are running one of these versions of Windows, what this means is: Microsoft will no longer issue security updates or non-security hotfixes for Windows 2000 after this date. In addition, assisted support will no longer be available for this product. To put it in real terms, at the end of the Extended Support phase for Windows 2000, customers will not have access to the following:

New security updates
Non-security hotfixes
Free or paid assisted support options
Option to engage Microsoft’s product development resources
Updates to online content (Knowledge Base articles, etc.)

So what are your support options for Widows 2000 after July 13th, 2010? Support options for Windows 2000 after July 13, 2010 are:

Existing online content may be available to resolve common issues, if the product is still within the Online Self-Help Support phase.
Custom Support is also available for purchase for those customers who have not been able to complete their migration to a supported product, and absolutely need additional support from Microsoft. The Custom Support offerings include access to security hotfixes and are specifically designed to help customers bridge the support gap while they complete their migration.
Note: To enroll in Custom Support, customers must have a Premier Support contract. Additionally, customers are required to have a migration plan in place, prior to purchasing Custom Support.

If you are running Windows XP SP2:

On July 13, 2010, support for Windows XP SP2 will also end. This date was established when Windows XP Service Pack 3 (SP3) was released on April 21, 2008. (For service packs, the end of support is 12 or 24 months after a new service pack is released. Support for the previous service pack is either 12 or 24 months, depending on the product family.)

What this means is: After July 13, 2010, customers still with Windows XP SP2 will not have access to the following:

New security updates
Non-security hotfixes

Option to engage Microsoft’s product development resources
Something to be aware of and keep in mind: The terms of the Service Pack Support policy do not impact the Mainstream Support phase or Extended Support phase dates for Windows XP as a product. Windows XP transitioned from the Mainstream Support phase to the Extended Support phase on April 14, 2009. During the Extended Support phase for Windows XP (April 14, 2009 – April 8, 2014), Microsoft will continue to provide paid support and security updates at no additional charge. To be eligible for Extended Support for Windows XP, customers must be on Windows XP SP3 after July 13, 2010 since support for Windows XP SP2 retires on July 13, 2010. Then on April 8, 2014, Extended Support for Windows XP SP3 will come to an end as well, as part of the standard Microsoft Support Lifecycle.

Read more: Microsoft SMB Community Blog - By Eric Ligman

Posted via email from .NET Info

Infragistics Announces Mono Compatibility for Leading UI Toolset

|
Princeton, N.J. & Elstree, England – June 16, 2010 — Infragistics, the experience design software company and world leader in user interface (UI) development tools, today announced that the 2010 Volume 2 version of NetAdvantage for .NET will include the ASP.NET toolkit which is fully compatible with the Mono framework from Novell. With the most powerful UI controls available for ASP.NET, Infragistics enables .NET developers to rapidly build and style high-fidelity, full-featured line of business applications and deploy in a Linux environment.

"In recent years, our customers have indicated that their organizations are moving to mixed IT environments and require UI tools that enable them to deploy applications in either Windows or open source environments," said Dean Guida, CEO of Infragistics. "With Mono compatibility in our ASP.NET toolkit, we enable developers who have a need for open source development to create UIs that are the basis for Killer Applications and deliver the best user experiences possible."

Infragistics ASP.NET toolset excels in top performance, flexibility and usability and enables developers to build rich Web applications for line of business. By providing full compatibility with the Mono runtime, Infragistics extends this functionality to the Mono community.

"With Mono Tools for Visual Studio and the rich user interface tooling by Infragistics, line of business developers can create immersive user experiences in their Mono applications and due to the open environment Mono enables, run their applications on nearly any computer in existence," said Miguel de Icaza, Mono Project founder and vice president of Developer Platforms at Novell. "We are excited to see companies like Infragistics moving into the Mono ecosystem and offering developers cross-platform compatibility."

Coinciding with today's NetAdvantage for .NET 2010 Volume 2 availability, Infragistics highlights the ASP.NET toolkit's Mono compatibility through Sample Showcase hosted on a live Linux Server running Mono: http://mono.infragistics.com/

Read more: Infragistics

Posted via email from .NET Info

Wither DirectDraw ?

|
The DirectDraw API has been more or less deprecated for game developers since the release of DirectX 9.0 SDK back in 2002. The last time we shipped samples or documentation on DirectDraw dates back to the DirectX 8.1 SDK. Game developers looking to do 2D rendering should be using Direct3D, or on systems with DirectX 11 the Direct2D API could also be a good choice. The DirectDraw documentation can still be found on MSDN. A few lingering issues, however, has kept the DirectDraw header and import library in the DirectX SDK for many long years...

In the DirectX SDK (June 2010) release, the DDRAW.H and DDRAW.LIB files are no longer there. The DirectDraw header, DDRAW.H, is included with Visual Studio 2008 because it includes the Windows SDK 6.0A release, and is present in all the newer versions of the Windows SDK including the most recent 7.1 release. Because we do not officially support Visual Studio 2005 in the June 2010 release, we finally removed the header and import library. There are only two samples in the DirectX SDK (June 2010) that even need the DDRAW.H header: the rather dated Direct3D 9 era sample ConfigSystem and the more recent sample VideoMemory. These compile fine with VS 2008 or VS 2010 due to the Windows SDK. It is worth noting, however, that the import library DDRAW.LIB is not present in the Windows SDK. It is therefore recommended that if you do make use of DirectDraw, you use explicit linking (i.e. LoadLibrary and GetProcAddress) to get any DDRAW.DLL entry-points. This technique is used by these two samples.

These samples also highlight the one area of DirectDraw that game developers continue to make use of even in modern games: getting the amount of video memory on the graphics card. It turns out that this functionality is not available in the Direct3D 9 API, so many game developers use DirectDraw just to get this information as part of their game configuration and user settings. There are some problems with this use, however, as noted in the VideoMemory sample. With the growth of physical memories both RAM and VRAM, this API is also having problems coping since it returns 32-bit DWORD counts of the size in bytes. It is recommended that when DXGI is available (Windows Vista, Windows 7, etc.), that is the most reliable API to use for getting video memory size information.

Read more: Games for Windows and the DirectX SDK

Posted via email from .NET Info

Google Storage for .NET

|
What is Google Storage?

Google Storage is an innovative new offering from Google, Inc to provide cloud based file storage similar to Amazon S3 or RackSpace CloudFiles. The service, which hasn't been officially launched to the public yet, provides a completely REST based interface that allows developers to easily upload and download files, create buckets (folders) and control file access based on ACL's.

What is Google Storage for .NET?

Google Storage for .NET (GSN) is a .NET library that provides .NET developers a pure .NET interface to the Google Storage API. Using GSN, developers will be able to perform all of the functions the API provides easily, quickly, and without any knowledge of the underlying API details or REST at all. The library is completely open source and distributed under a liberal license that allows it to be used in both commercial and open source projects.

Is GSN an official Google Release?

No, GSN is a completely independent project that is not, in any way, associated with Google. However, if Google would like to contribute code to the project, we more than welcome the opportunity to work with them in any capacity.

When will GSN be available?

We're working on GSN now and should have working code available by late June or early July. We're going to test everything to make sure nothing breaks should Google make changes to the API and we're trying to make sure everything is easy to use.

Read more: Codeplex

Posted via email from .NET Info

SQL Server Driver for PHP 2.0 CTP2 is now released

|
It is our pleasure to announce the release of Community Technology Preview 2 (CTP2) of the SQL Server Driver for PHP 2.0!
We would like to thank all who provided feedback and bug reports on our CTP1 release (April 19th) the SQLSRV (our native API) and PDO_SQLSRV drivers. Last week we shared our plans for our next CTP in our blog, and today we are happy that we were able to achieve our release criteria earlier than we anticipated.
To recap, here are the changes in this release:
Code completely re-architected with the functional core layer and the API layers
SQLSRV driver is rebuilt with the code re-architected (no new features)
PDO::__construct(): a design change from CTP1, Connection Options now need to be specified in the DSN string instead of the driver_options[] array
PDO::SQLSRV_ATTR_DIRECT_QUERY: new custom driver attribute to provide more flexibility to the developer
Ability to execute two queries within the same context or different contexts, useful when using temporary tables or other circumstances
Ability to bind parameters for queries within the same context
Errors are now encoded per the setting of CharacterSet / PDO::SQLSRV_ATTR_ENCODING
Bug fixes to SQLSRV as well as PDO_SQLSRV drivers
Our documentation now includes a new example application using the PDO_SQLSRV driver
We will always include both drivers in our releases from now onwards, and our CTP2 package is available for download on MSDN Download Center. As we blogged yesterday on what we mean by a CTP release, this CTP is the last one for this version as we have made the design changes required. We are working thru our internal processes to publish the source code, and we plan to release it with our final version.

Read more: The Official Microsoft Web Platform Team Blog

Posted via email from .NET Info

Generic WCF Hosting Service

|
The Generic Host Service provides a simple, reusable, and reliable mechanism for hosting WCF services.


The Generic Host Service provides a declarative service registration mechanism using the application configuration file, support for xcopy deployment of new services, support for hosting multiple WCF Services within a single Service Host instance, logging and tracing through Microsoft Logging Application Blocks, and isolation between executing services through App Domains.

2.1 Declarative Service Registration

To register a new WCF service

1.) Copy the dll whcih implements the service as well as any supporting dll's to the directory where the service host is installed.
2.) Add a new service entry to the services node of the hostConfiguration section.
* the name attribute is the name under which you would like the service to be hosted. It will replace the {1} parameter in the hostConfiguration endpoint attribute.
* the assemblyqualifiedname attribute contains the fully qualified assembly name of the binary that implements the sevice.
* the endpoint attribute overrides the the default endpoint provided by the hostConfiguation endpoint attribute.
* the filepath attribute is used to specify a different configuartion file from the current one.
* the enabled attribute allows you to enable or disable the service. The service will not start if the Generic Host is restarted when enabled is set to false
3.) Add the WCF configuration sections as you normally would to configure your endpoint. This is to be done in the current configuration file unless you specified a new one in the filepath attribute of your service.
4.) Start the Generic Host service

<hostConfiguration endpoint="http://{0}:1400/{1}" hostController="Services.WCF.Hosting.HostController, Services.WCF" subscriber="Services.WCF.Hosting.Monitor, Services.WCF.Hosting">
<services>
<service name="Host" assemblyqualifiedname="Services.WCF.Hosting.HostController, Services.WCF" endpoint="http://{0}:1400/{1}" filepath="" enabled="true"></service>
</services>
</hostConfiguration>


2.2 Service isolation

In addition to these features the Generic Service Host provides native and configurable tracing and logging services by leveraging the Microsoft Logging Application Blocks. It also provides a native WCF servicefor managing the WCF Services that are executing within its hosting environment. Through the IHostController contract administrative clients can Start, Stop, Recycle, and Enumerate WCF Services.


2.3 IHostController

Read more: Codeplex

Posted via email from .NET Info

Opening a New Tab may launch a New Process with Internet Explorer 8.0

|
If you have been using IE7, you are probably used to all your tabs opening under the same iexplore.exe process. The only exception is if you are on a Windows Vista machine and you are moving from Protected to Unprotected mode.

Internet Explorer 8 had a big makeover in this area. You will now notice that new tabs typically open in a new process.  By default,  IE8 will start with two instances of iexplore.exe (one for the Frame, one for the tab) and grows the number of tab processes as needed based on the amount of available RAM, the number of tabs, the integrity levels for tabs, and the number of distinct IE sessions .

You do have control over this new design through a registry key:

HKCU\Software\Microsoft\Internet Explorer\Main - TabProcGrowth (string or dword)


Tab Process Growth : Sets the rate at which IE creates New Tab processes.  There are two algorithms used by Internet Explorer.

1. Context-based: By default, the context-based algorithm is used and the curve is chosen based on the amount of physical memory on the machine. In addition, the TabProcGrowth string registry value may be manually forced to:

small: Maximum 5 tab processes in a logon session, requires 15 tabs to get the 3rd tab process.
medium: Maximum 9 tab processes in a logon session, requires 17 tabs to get the 5th tab process.
large: Maximum 16 tab processes in a logon session, requires 21 tabs to get the 9th tab process.
2. The "Max-Number" algorithm: This specifies the maximum number of tab processes that may be executed for a single isolation session for a single frame process at a specific mandatory integrity level (MIC). Relative values are:

TabProcGrowth=0 : tabs and frames run within the same process; frames are not unified across MIC levels.
TabProcGrowth =1: all tabs for a given frame process run in a single tab process for a given MIC level.
Note: On Terminal Server, the default value is the integer of 1.

TabProcGrowth >1: multiple tab processes will be used to execute the tabs at a given MIC level for a single frame process. In general, new processes are created until the TabProcGrowth number is met, and then tabs are load balanced across the tab processes.
Note: that the frame process is no longer allowed to execute at low-MIC. If this is attempted, the process will exit.

You may select the Max-Number algorithm by specifying the registry value as an integer. The registry value may be a string value containing an integer (eg, "5") or a DWORD value containing an integer (eg, 5).

Read more: We know IE!

Posted via email from .NET Info

HOWTO: How To Change Hard Error Popup Handling in Windows NT

| Wednesday, June 16, 2010
In an unattended environment, you may want to automatically dispatch hard error popups that require user intervention. This article gives you the code you need to change the hard error popup mode.

Windows NT allows the user to change the handling of hard error popups that result from application and system errors. Such errors include no disk in the drive and general protection (GP) faults.

Normally, these events cause a hard error popup to be displayed, which requires user intervention to dispatch. This behavior can be modified so that such errors are logged to the Windows NT event log. When the error is logged to the event log, no user intervention is necessary, and the system provides a default handler for the hard error. The user can examine the event log to determine the cause of the hard error.

Registry Entry

The following registry entry controls the hard error popup handling in Windows NT:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Windows\ErrorMode

Valid Modes

The following are valid values for ErrorMode:
Mode 0

This is the default operating mode that serializes the errors and waits for a response.
Mode 1

If the error does not come from the system, this is the normal operating mode. If the error comes from the system, this logs the error to the event log and returns OK to the hard error. No intervention is required and the popup is not seen.
Mode 2

This always logs the error to the event log and returns OK to the hard error. Popups are not seen.
In all modes, system-originated hard errors are logged to the system log. To run an unattended server, use mode 2.

Read more: MS Support

Posted via email from .NET Info

CAcert - FREE digital certificates for everyone.

|
cacert4.png

Welcome to the CAcert - FREE digital certificates for everyone.

Traditionally vendors seeking to have their root certificates included in browsers (directly or via the underlying OS infrastructure like Safari via OS X's Keychain) would have to seek an expensive Webtrust audit (~$75,000 up-front plus ~$10,000 per year). While achievable for commercial CAs who typically charge per certificate year, this is typically out of the reach of non-profit organisations like CAcert.

CAcert's primary focus and largest challenge at present is to meet the fair but firm policy of Mozilla with a view to inclusion in their products, including the popular Firefox browser (see Mozilla bug 215243). To that end an Audit is underway (you can refer to the AuditToDo list for progress and our Certificate Policy Statement is being refined at CPS (many thanks to Christian Barmala's work on this topic and for everyone who has contributed to the shaping of these policies).

Read more: CACert.org

Posted via email from .NET Info

How can you change Network settings (IP Address, DNS, WINS, Host Name) with code in C#

|
sing System;
using System.Management;

namespace WindowsFormsApplication_CS
{
   class NetworkManagement
   {
       /// <summary>
       /// Set's a new IP Address and it's Submask of the local machine
       /// </summary>
       /// <param name="ip_address">The IP Address</param>
       /// <param name="subnet_mask">The Submask IP Address</param>
       /// <remarks>Requires a reference to the System.Management namespace</remarks>
       public void setIP(string ip_address, string subnet_mask)
       {
           ManagementClass objMC = new ManagementClass("Win32_NetworkAdapterConfiguration");
           ManagementObjectCollection objMOC = objMC.GetInstances();

           foreach (ManagementObject objMO in objMOC)
           {
               if ((bool)objMO["IPEnabled"])
               {
                   try
                   {
                       ManagementBaseObject setIP;
                       ManagementBaseObject newIP =
                           objMO.GetMethodParameters("EnableStatic");

                       newIP["IPAddress"] = new string[] { ip_address };
                       newIP["SubnetMask"] = new string[] { subnet_mask };

                       setIP = objMO.InvokeMethod("EnableStatic", newIP, null);
                   }
                   catch (Exception)
                   {
                       throw;
                   }


               }
           }
       }
       /// <summary>
       /// Set's a new Gateway address of the local machine
       /// </summary>
       /// <param name="gateway">The Gateway IP Address</param>
       /// <remarks>Requires a reference to the System.Management namespace</remarks>
       public void setGateway(string gateway)
       {
           ManagementClass objMC = new ManagementClass("Win32_NetworkAdapterConfiguration");
           ManagementObjectCollection objMOC = objMC.GetInstances();

           foreach (ManagementObject objMO in objMOC)
           {
               if ((bool)objMO["IPEnabled"])
               {
                   try
                   {
                       ManagementBaseObject setGateway;
                       ManagementBaseObject newGateway =
                           objMO.GetMethodParameters("SetGateways");

                       newGateway["DefaultIPGateway"] = new string[] { gateway };
                       newGateway["GatewayCostMetric"] = new int[] { 1 };

                       setGateway = objMO.InvokeMethod("SetGateways", newGateway, null);
                   }
                   catch (Exception)
                   {
                       throw;
                   }
               }
           }
       }
       /// <summary>
       /// Set's the DNS Server of the local machine
       /// </summary>
       /// <param name="NIC">NIC address</param>
       /// <param name="DNS">DNS server address</param>
       /// <remarks>Requires a reference to the System.Management namespace</remarks>
       public void setDNS(string NIC, string DNS)
       {
           ManagementClass objMC = new ManagementClass("Win32_NetworkAdapterConfiguration");
           ManagementObjectCollection objMOC = objMC.GetInstances();

           foreach (ManagementObject objMO in objMOC)
           {
               if ((bool)objMO["IPEnabled"])
               {
                   if (objMO["Caption"].Equals(NIC))
                   {
                       try
                       {
                           ManagementBaseObject newDNS =
                               objMO.GetMethodParameters("SetDNSServerSearchOrder");
                           newDNS["DNSServerSearchOrder"] = DNS.Split(',');
                           ManagementBaseObject setDNS =
                               objMO.InvokeMethod("SetDNSServerSearchOrder", newDNS, null);
                       }
                       catch (Exception)
                       {
                           throw;
                       }
                   }
               }
           }
       }
       /// <summary>
       /// Set's WINS of the local machine
       /// </summary>
       /// <param name="NIC">NIC Address</param>
       /// <param name="priWINS">Primary WINS server address</param>
       /// <param name="secWINS">Secondary WINS server address</param>
       /// <remarks>Requires a reference to the System.Management namespace</remarks>
       public void setWINS(string NIC, string priWINS, string secWINS)
       {
           ManagementClass objMC = new ManagementClass("Win32_NetworkAdapterConfiguration");
           ManagementObjectCollection objMOC = objMC.GetInstances();

           foreach (ManagementObject objMO in objMOC)
           {
               if ((bool)objMO["IPEnabled"])
               {
                   if (objMO["Caption"].Equals(NIC))
                   {
                       try
                       {
                           ManagementBaseObject setWINS;
                           ManagementBaseObject wins =
                           objMO.GetMethodParameters("SetWINSServer");
                           wins.SetPropertyValue("WINSPrimaryServer", priWINS);
                           wins.SetPropertyValue("WINSSecondaryServer", secWINS);

                           setWINS = objMO.InvokeMethod("SetWINSServer", wins, null);
                       }
                       catch (Exception)
                       {
                           throw;
                       }
                   }
               }
           }
       }
   }
}

Read more: StackOverflow

Posted via email from .NET Info

VS REMOTE DEBUGGING ACROSS WORKGROUPS OR DOMAINS

|
Remote debugging in Visual Studio works great if both machines are on the same domain and/or workgroup. It also works dreamily if you're doing straight native C++ where you can use the TCP/IP as the debugging transport. The problem comes in when you need to do remote debugging for managed code across domains or workgroups. It doesn't work because .NET remote debugging relies on DCOM, which as a transport protocol does not jump workgroup or domain boundaries.

When I have to remote debug across domain/workgroup boundaries, here's what works for me. It's not an ideal solution but until Microsoft allows us to debug .NET code with pure TCP/IP this will get you at least started. Again, your mileage may vary and your network admins may not let you perform the following so you're on your own with these steps. Finally, I'm assuming you know how to set up remote debugging for the supported same domain/workgroup scenarios. If you don't you should read the documentation to understand what I'm talking about here.

The issue with DCOM is there's a security ramification where an account one domain does not have rights on the other workgroup or domain. The big trick is to do your remote debugging with local machine accounts. DCOM first attempts to make the connection with machine\username account and if that does not work, it falls back to the username using the hashed password. As long as the username and password on the both machines is the same, DCOM can make the connection.

On the machine where Visual Studio runs, called the local machine, open up an elevated command shell or PowerShell window with administrator rights and execute the following command. Yes, you can do the same through the GUI but this is much faster. Don't fear the command line!

net user username password /add

That creates the user account you're going to use for Visual Studio.

On the machine where your application runs, called the remote machine, open up an elevated command shell or PowerShell window with administrator rights and execute the following commands. Obviously you'll be using the same user name and password you entered on the local machine.

net user username password /add

net localgroup administrators remotecomputername\username /add

Read more: JOHN ROBBINS' BLOG

Posted via email from .NET Info

Vulnerability in Help Center could allow remote code execution - Microsoft Security Advisory (2219475)

|
You may have heard about a current exploit of Windows XP and some versions of Windows Server 2003 with the Windows Help and Support Center.  Read the official security advisory at Vulnerability in Help Center could allow remote code execution.

There is a Fix it  available for this (follow the link below, or click the image)

Read more: Fix It

Posted via email from .NET Info

How Orchard works

|
Building a Web CMS (Content Management System) is unlike building a regular web application: it is more like building an application container. When designing such a system, it is necessary to build extensibility as a first-class feature. This can be a challenge as the very open type of architecture that's necessary to allow for great extensibility may compromise the usability of the application: everything in the system needs to be composable with unknown future modules, including at the user interface level. Orchestrating all those little parts that don't know about each other into a coherent whole is what Orchard is all about.

This document explains the architectural choices we made in Orchard and how they are solving that particular problem of getting both flexibility and a good user experience.

Read more: Orchard

Posted via email from .NET Info

simple Linux

|
Simple Linux (Malaysian) A new wave of Linux Distro, simple, and small in size. Lets use simpleLinux

Read more: simple Linux

Read more: Codeplex

Posted via email from .NET Info

Net Interview questions

|
This morning a colleague of mine asked me for a list of questions to prepare for a .Net technical interview. I thought it would be useful to share this list with everyone.
A) Developer

1) OO

  • Explain principles of Object Orientation?
  • Can you use abstract classes in place of Inheritance ? What are the differences between these two concepts?
  • Explain polymorphism and write an example in code (C#).
2) Patterns
  • What are Patterns?
  • List some patterns you’ve already used.
  • Explicit one pattern by writing a small example.
  • Explain following patterns: Repository, Factory, Root Aggregate.
3) UML
  • What are the most useful UML diagrams? (list & explain at least 5) .
4) Net & C#
  • What is .Net? (Managed Code - CLR - Runtime) ?
  • Explain concepts as JIT, CLR, GAC, GC?
  • Explain series of processing steps an ASP.NET page goes through (= page lifecycle of ASP.NET) ?
  • Explain following c# keywords: Static, ReadOnly, Const?
  • What is: a Webservice,WCF, WPF, Silverlight and how do these technologies/concepts relate to each other?
5) DB
  • Write simple query that joins 2 tables via a 1-to-N relation that contains a filter and a group by clause.
  • Explain what is a Transaction.
  • What are the properties of a transaction (-> ACID)
  • Explain concepts as Primary Key & Clustered Index and how these concepts relates?
  • Is a GUID a good Clustered index, explain why?

Read more: Geoffrey Vandiest

Posted via email from .NET Info

Hide and seek

|
Another interesting question from StackOverflow. That thing is a gold mine for blog topics. Consider the following:

class B
{
 public int X() { return 123; }
}
class D : B
{
 new protected int X() { return 456; }
}
class E : D
{
 public int Y() { return X(); } // returns 456
}
class P
{
 public static void Main()
 {
   D d = new D();
   Console.WriteLine(d.X());
 }
}

There are two possible behaviours here. We could resolve X to be B.X and compile successfully, or resolve X to be D.X and give a "you can't access a protected method of D from inside class Program" error.

[UPDATE: I've clarified this portion of the text to address questions from the comments. Thanks for the good questions.]

We do the former.To compute the set of possible resolutions of name lookup,  the spec says"the set consists of all accessible members named N in T, including inherited members" but D.X is not accessible from outside of D; it's protected. So D.X is not in the accessible set.

The spec then says "members that are hidden by other members are removed from the set". Is B.X hidden by anything? It certainly appears to be hidden by D.X. Well, let's check. The spec says "A declaration of a new member hides an inherited member only within the scope of the new member." The declaration of D.X is only hiding B.X within its scope: the body of D and the bodies of declarations of types derived from D. Since P is neither of those, D.X is not hiding B.X there, so B.X is visible, so that's the one we choose.

Inside E, D.X is accessible and hides B.X, so D.X is in the set and B.X is not.

Read more: Fabulous Adventures In Coding

Posted via email from .NET Info

Custom Bitmap Effects - HLSL

|
In the article Custom Bitmap Effects - Getting started we discovered how to work with HLSL in WPF. Now we are in a position to write more sophisticated shaders and  this means learning some more HLSL.

In general shaders can work on vertices - i.e. the basic geometry of a 3D object - or the pixels that are about to be displayed. That is HLSL is a language that has commands that are about manipulating geometry and pixels.
In WPF and Silverlight you can only use HLSL to write pixel shaders and the rest of this article concentrates on writing a pixel shader. If you lookup HLSL in the help or a manual you will encounter lots of commands that you can't use to create an effect.
The same ideas, however, apply to vertex shaders and you can use this as an introduction to shaders in general - but you will have to use DirectX to make use of a compiled vertex shader.
Basic syntax

In the previous article on getting started with custom bitmap effects a very simple shader was used as an example and it is now time to examine it in closer detail.
The shader simply returned the color red every time it was called:

float4 main(float2 uv:TEXCOORD):COLOR
{
 vector<float,4>color={1,0,0,1};
 return color;
}

This may be a very simple shader but it illustrates several important ideas. The first is that HLSL is much like C or C# but it is much simpler. You can lookup the syntax in the DirectX help file (installed with the SDK).

Read more: I-Programmer

Posted via email from .NET Info

HeinanOS

| Tuesday, June 15, 2010
HeinanOS is an operating system developed mainly in C++.

HeinanOS is a light OS (1.44 MB image) with a lot of capabilites and many more are being developed each and every day for the final release.

Currently HeinanOS has the following features:

  • FAT12 File System.
  • Text reader supporting .txt files
For the Milestone 2 release, I plan to integrate the following features:
  • FAT16/FAT32 File System
  • Text Editor (Writer & Reader)
  • File Explorer

Read more: Codeplex

Posted via email from .NET Info

Manipulate Docx with C# without Microsoft Word installed with Open XML SDK

|
With the Open XML SDK you can edit docx without having Microsoft Word installed.

In this particular situation, I'm editing the custom properties of the docx, which are commonly used to store some application's info to further use, or even some add-in that we developed as well.

Using the code

This article is really simple, it's purpose is to spread the word, is just showing you what to do based on MSDN.

For starters, the discovery was when I found the Open XML SDK that allows me to manipulate my Word document without having office installed on the server running my application, which is a major breakthrough!
The code I used to add custom properties was taken from MSDN and I show it to you here:

public bool WDSetCustomProperty(string docName, string propertyName, object propertyValue, PropertyTypes propertyType)
   {
     const string documentRelationshipType =
       "http://schemas.openxmlformats.org/officeDocument/" +
       "2006/relationships/officeDocument";
     const string customPropertiesRelationshipType =
       "http://schemas.openxmlformats.org/officeDocument/" +
       "2006/relationships/custom-properties";
     const string customPropertiesSchema =
       "http://schemas.openxmlformats.org/officeDocument/" +
       "2006/custom-properties";
     const string customVTypesSchema =
       "http://schemas.openxmlformats.org/officeDocument/" +
       "2006/docPropsVTypes";

     bool retVal = false;
     PackagePart documentPart = null;
     string propertyTypeName = "vt:lpwstr";
     string propertyValueString = null;

     //  Calculate the correct type.
     switch (propertyType)
     {
       case PropertyTypes.DateTime:
         propertyTypeName = "vt:filetime";
         //  Make sure you were passed a real date,
         //  and if so, format in the correct way. The date/time
         //  value passed in should represent a UTC date/time.
         if (propertyValue.GetType() == typeof(System.DateTime))
         {
           propertyValueString = string.Format("{0:s}Z",
             Convert.ToDateTime(propertyValue));
         }
         break;

       case PropertyTypes.NumberInteger:
         propertyTypeName = "vt:i4";
         if (propertyValue.GetType() == typeof(System.Int32))
         {
           propertyValueString =
             Convert.ToInt32(propertyValue).ToString();
         }
         break;

       case PropertyTypes.NumberDouble:
         propertyTypeName = "vt:r8";
         if (propertyValue.GetType() == typeof(System.Double))
         {
           propertyValueString =
             Convert.ToDouble(propertyValue).ToString();
         }
         break;

Read more: Codeproject

Posted via email from .NET Info

NET FX 4 is now available in 10 additional languages

|
fter successfully getting all VS languages out the door, we released 10 additional languages for .NET Framework 4 (and 7 of those additional languages for VS 2010 Tools for the Office System 4.0 Runtime) the other day.

.NET Framework 4 (Standalone Installer)

ARA

http://www.microsoft.com/downloads/details.aspx?FamilyID=0a391abd-25c1-4fc0-919f-b21f31ab88b7&displaylang=ar

DAN

http://www.microsoft.com/downloads/details.aspx?FamilyID=0a391abd-25c1-4fc0-919f-b21f31ab88b7&displaylang=da

NLD

http://www.microsoft.com/downloads/details.aspx?FamilyID=0a391abd-25c1-4fc0-919f-b21f31ab88b7&displaylang=nl

FIN

http://www.microsoft.com/downloads/details.aspx?FamilyID=0a391abd-25c1-4fc0-919f-b21f31ab88b7&displaylang=fi

ELL

http://www.microsoft.com/downloads/details.aspx?FamilyID=0a391abd-25c1-4fc0-919f-b21f31ab88b7&displaylang=el

HEB

http://www.microsoft.com/downloads/details.aspx?FamilyID=0a391abd-25c1-4fc0-919f-b21f31ab88b7&displaylang=he

HUN

http://www.microsoft.com/downloads/details.aspx?FamilyID=0a391abd-25c1-4fc0-919f-b21f31ab88b7&displaylang=hu

NOR

http://www.microsoft.com/downloads/details.aspx?FamilyID=0a391abd-25c1-4fc0-919f-b21f31ab88b7&displaylang=no

PTG

http://www.microsoft.com/downloads/details.aspx?FamilyID=0a391abd-25c1-4fc0-919f-b21f31ab88b7&displaylang=pt-PT


(more...)

Posted via email from .NET Info

Шпаргалка "Гимн России". Подглядываем через nslookup

|
Всем привет. Только что увидел твит от @diverofdark и решил ним с вами поделится.

Выполните в PowerShell следующий скрипт:

for ($i=200; $i -le 223; $i++)
{
  (nslookup 62.76.96.$i)[3].ToString().Replace('.', ' ').Substring(9)
}

Результатом такого опроса будет вот такой вот текст:

Rossija svjashhennaja nasha derzhava
Rossija ljubimaja nasha strana
Moguchaja volja velikaja slava
Tvojo dostojanie na vse vremena
(more..)

Read more: Александр Гончарук

Posted via email from .NET Info

Ring (computer security)

|
In computer science, hierarchical protection domains,[1][2] often called protection rings, are a mechanism to protect data and functionality from faults (fault tolerance) and malicious behaviour (computer security). This approach is diametrically opposite to that of capability-based security.
Computer operating systems provide different levels of access to resources. A protection ring is one of two or more hierarchical levels or layers of privilege within the architecture of a computer system. This is generally hardware-enforced by some CPU architectures that provide different CPU modes at the firmware level. Rings are arranged in a hierarchy from most privileged (most trusted, usually numbered zero) to least privileged (least trusted, usually with the highest ring number). On most operating systems, Ring 0 is the level with the most privileges and interacts most directly with the physical hardware such as the CPU and memory.
Special gates between rings are provided to allow an outer ring to access an inner ring's resources in a predefined manner, as opposed to allowing arbitrary usage. Correctly gating access between rings can improve security by preventing programs from one ring or privilege level from misusing resources intended for programs in another. For example, spyware running as a user program in Ring 3 should be prevented from turning on a web camera without informing the user, since hardware access should be a Ring 1 function reserved for device drivers. Programs such as web browsers running in higher numbered rings must request access to the network, a resource restricted to a lower numbered ring.

Read more: Wikipedia

Posted via email from .NET Info

Yersinia

|
yersinia3.jpg

Yersinia is a network tool designed to take advantage of some weakeness in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems.

Currently, there are some network protocols implemented, but others are coming (tell us which one is your preferred). Attacks for the following network protocols are implemented (but of course you are free for implementing new ones):

Spanning Tree Protocol (STP)
Cisco Discovery Protocol (CDP)
Dynamic Trunking Protocol (DTP)
Dynamic Host Configuration Protocol (DHCP)
Hot Standby Router Protocol (HSRP)
IEEE 802.1Q
IEEE 802.1X
Inter-Switch Link Protocol (ISL)
VLAN Trunking Protocol (VTP)


Read more: Yersinia

Posted via email from .NET Info

WHAT IS NEW IN POSTGRESQL 9.0

|
PostgreSQL 9.0 beta 2 just got released this week. We may see another beta before 9.0 is finally released, but it looks like PostgreSQL 9.0 will be here probably sometime this month. Robert Treat has a great slide presentation showcasing all the new features. The slide share for those on Robert Treat's slide share page.

We'll list the key ones with our favorites at the top:

Our favorites

  • The window function functionality has been enhanced to support ROWS PRECEDING and FOLLOWING. Recall we discussed this in Running totals and sums using PostgreSQL 8.4 a hack for getting around the lack of ROWS x PRECEDING and FOLLOWING. No more need for that. This changes our comparison we did Window Functions Comparison Between PostgreSQL 8.4, SQL Server 2008, Oracle, IBM DB2. Now the syntax is inching even closer to Oracle's window functionality, far superior to SQL Server 2005/2008, and about on par with IBM DB2. We'll do updated compare late this month or early next month. Depesz has an example of this in Waiting for 9.0 – extended frames for window functions
  • Ordered Aggregates. This is extremely useful for spatial aggregates and ARRAY_AGG, STRING_AGG, and medians where you care about the order of the aggregation. Will have to give it a try. For example if you are building a linestring using ST_MakeLine, a hack you normally do would be to order your dataset a certain way and then run ST_MakeLine. This will allow you to do ST_MakeLine(pt_geom ORDER BY track_time) or ARRAY_AGG(student ORDER BY score) This is very very cool. Depesz has some examples of ordered aggregates.
  • Join removal -- this is a feature that will remove joins from the execution plans where they are not needed. For example where you have a left join that doesn't appear in a where or as a column in select. This is important for people like us that rely on views to allow less skilled users to be able to write meaningful queries without knowing too much about joins or creating ad-hoc query tools that allow users to pick from multiple tables. Check out Robert Haas why join removal is cool for more use cases.
  • GRANT/REVOKE ON ALL object IN SCHEMA and ALTER DEFAULT PRIVILEGES. This is just a much simpler user-friendly way of applying permissions. I can't tell you how many times we get beat up by MySQL users who find the PostgreSQL security management tricky and tedious to get right. Of course you can count on Depesz to have an example of this too Waiting for 9.0 - GRANT ALL

Runner ups
  • pg_upgrade is now included in contrib and much improved we hear. Can't wait to try this out. This will allow for in-place migration from PostgreSQL 8.3+ -> 9.0
  • Streaming replication, Hot standby more details Built-in replication in PostgreSQL 9.0
  • STRING_AGG -- this is a nice to have so you don't need to do array_to_string(ARRAY_AGG(somefield), '\') and with the ORDER BY feature its even better.

Read more: Postgres OnLine Journal

Posted via email from .NET Info