<2005 August>
SunMonTueWedThuFriSat
31123456
78910111213
14151617181920
21222324252627
28293031123
45678910

On this page...

Search

Links

Member of...


ASP Insiders

MVP Visual Developer ASP/ASP.NET

Enter CodeZone

Blog Categories

Microsoft

Blogroll

Deutsche Resourcen

Management

Sign In
 

#  Thursday, 25 August 2005

Hot off the press: on 8th of September, I will be doing a rerun of my TechTalk Tools zu erfolgreichen Softwareentwicklung mit .NET (~ Tools for successful software projects in .NET) in Graz at the monthly .NET User Group Styria meeting (sign up here). So if you didn't have a chance to attend my TechTalk in Germany, this is your ticket in Austria.

Categories: .NET | this | Training and Conferences
Thursday, 25 August 2005 15:20:27 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]

 



#  Tuesday, 23 August 2005

I admit that I am not the sort of person who likes to go through long and winded installation instructions. However, I am willing to go to great lengths when it comes to security - still with certain limits though. And I hit such a brick wall today: trying to secure Subversion. From the documentation, I knew that the recommended path was SSH, so I set out to find out how to get this up and running on my Windows box.

Owning the black sock in Google fu, I came up with various articles, the most helpful being SVN+SSH+public key authentication on Windows Box as server. Most helpful because after reading the aforementioned recipe plus Subversion / TortoiseSVN SSH HowTo, I decided to scratch my efforts. Why?

For starters, I am not a big fan of Cygwin. That's just personal mischief of a Windows guy, I can swallow my pride when the tools that depend on it provide merit. What's more of a problem for me is installing a service for adding security to another service - especially if I need that new service just for the "security purpose", and not the other bells and whistles it can provide (plus the security issues that might be hidden in those unused parts). Call me paranoid, but I simply like to reduce "moving parts" in my setups, because: What's worse than malicious traffic? Right, encrypted malicious traffic.

Secondly, do you think - honestly - that developers love to jump through hoops to get access to the repository? (I am referring to the client side of things on Windows) Not really. From the top of my head, I fall short of naming a single developer I personally know that would love to follow those steps. But every single one of them would be more than willing to just replace svn:// for svns:// when accessing a repository.

Conclusion: yes, I am whining about the usability of an open source project. As I am participating on one myself, you very well can spare me the "usual" arguments of do-it-yourself-because-the-sourcecode-is-available-anyways. This is a rant. I want to be unreasonable. But it sure would be nice if security was in the box. Especially nowadays.

Categories: Administration | Security | Subversion
Tuesday, 23 August 2005 16:00:57 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]

 



#  Thursday, 18 August 2005

This is not just a plain announcement of the revamped German MSDN Developer Center - Sicherheit, it also contains some back patting for myself, so be warned.

My part in this relaunch was to go over "Basiswissen: Know How für Einsteiger" (~ Security [1..4]01) and pull together useful content in the security area applicable to developers. The result? A mix of books (some of the very best information still is only available in dead tree rendition), online articles and more. Everything is nicely presented in a box in the middle of the page:

Grundlagen (Foundation), .NET Framework Sicherheit (.NET Fx Security), Web Services (I proposed "Web Services & Distributed Technologies"), ASP.NET and Kryptographie (cryptography, my pet peeve) are the sections that I contributed. Judging from a brief perusal, it seems that mostly only my content is in there. So Michael and Uwe will accept my apologies for me claiming those to be "my" sections.

Categories: .NET | Newsbites | Security | this
Thursday, 18 August 2005 13:16:04 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]

 

As a long-time subscriber as well as regular reader of the Bugtraq mailing list, I saw Gregory's post on decrypting MSN Messenger passwords. Because that one really piqued my interest, I immediately headed over to infoGreG and grabbed the source code, put it into a VS.NET 2003 C++ project, fixed a couple of compiler switches, and et voila - it works as advertised!

Categories: Security | this | Use the source Luke
Thursday, 18 August 2005 08:06:45 (W. Europe Daylight Time, UTC+02:00)  #    Comments [2]

 



#  Tuesday, 16 August 2005

I promised two things during today's webcast The build system of Visual Studio Team System: links to get started with MSBuild as well as the samples I presented. Let's get started with the easy part, the samples:

VS05BetaExperienceWebcastMSBuildSamples.zip

And here are some useful links for your start into MSBuild:

That's it. You might also want to check out my link list for last week's webcast, Profiling for Visual Studio 2005 Team Systems Beta Experience.

Tuesday, 16 August 2005 15:26:20 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]

 

From the summary of this security practice: This module presents a set of consolidated practices designed to address ASP.NET version 2.0 security issues. The answers and recommendations presented in this module are tight distillations designed to supplement the companion modules and additional guidance. The practices are organized by various categories that represent those areas where mistakes are most often made.

Security Practices: ASP.NET 2.0 Security Practices at a Glance

Categories: 2 Ohhhh | ASP.NET | Security
Tuesday, 16 August 2005 10:01:40 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]

 



#  Thursday, 11 August 2005
Read about this article on Bruce Schneier's blog. Interesting and fun read, especially early in the morning. Assembler knowledge a plus, but not a requirement.
Categories: Security
Thursday, 11 August 2005 08:33:07 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]

 



#  Wednesday, 10 August 2005

This was a longer-planned upgrade to our Subversion server that happened today: moving from the 1.1 series to 1.2.1. It went smoothly, especially because I played it safe by doing a dump / load cycle (more details to be found in Migrating a Repository) with all repositories. Safety wasn't the only concern: as detailed in the release notes, I also wanted to move the repositories to a FSFS back end, and take advantage of xdelta compression. I was mostly after server-side features, I don't see many of our devs use the optional locking...

Categories: Administration | Subversion
Wednesday, 10 August 2005 17:29:57 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]

 

Want to test your Web site with that other browser? You know, the one that ships with the operating system? Here is how to do that. Start by right-clicking on the page you want to open:

In the Browse With dialog box, you can now choose which browser to use this time only, or by clicking Set as Default, use it for all your future Ctrl+F5 endeavours:

Categories: 2 Ohhhh | ASP.NET | Visual Studio
Wednesday, 10 August 2005 14:37:17 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]

 

Sometimes, it might be handy to not have VS.NET pick a dynamic port each and every time it starts Visual Web Developer Web Server (aka ASP.NET Development Server or, as it was called back in the old days, Cassini). There is an easy way to get a fixed port when you press Ctrl+F5. First step is to select the Web project in Solution Explorer:

Next, go to the Properties window (DO NOT right-click and choose Property Pages - you will end up somewhere entirely different):

As you can see, I already switched "Use dynamic ports" to False, and in this case, I chose to stick with the default provided port number. When is this port-setting useful? When you automate tests, for example.

Categories: 2 Ohhhh | ASP.NET | Visual Studio
Wednesday, 10 August 2005 14:27:43 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]

 



© Copyright 2017 Christoph Wille

newtelligence dasBlog 2.3.9074.18820
Subscribe to this weblog's RSS feed with SharpReader, Radio Userland, NewsGator or any other aggregator listening on port 5335 by clicking this button.   RSS 2.0|Atom 1.0  Send mail to the author(s)

 
Don't contact us via this (fleischfalle@alphasierrapapa.com) email address.