<2006 March>
SunMonTueWedThuFriSat
2627281234
567891011
12131415161718
19202122232425
2627282930311
2345678

On this page...

Search

Links

Member of...


ASP Insiders

MVP Visual Developer ASP/ASP.NET

Enter CodeZone

Blog Categories

Microsoft

Blogroll

Deutsche Resourcen

Management

Sign In
 

#  Wednesday, 01 March 2006

Six short & modular security training modules have been launched:

  • Canonicalization Lab
  • Cookies Lab
  • Cross Site Scripting Lab
  • Regular Expressions Lab
  • SQL Injection Lab
  • Validation Controls Lab
Categories: Security
Wednesday, 01 March 2006 07:40:45 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 



#  Friday, 24 February 2006

Brought to you by MSDN TV: Watch the White Hats and the Black Hats battle for the security of Las Vegas, Nevada. Jessi Knapp and Microsoft Security Guru Joe Stagner narrate as the Hackers try to gain control of The Plaza's online money management system and our Security Team tries to stay one step ahead. Watch

Categories: Security
Friday, 24 February 2006 02:52:05 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 



#  Thursday, 23 February 2006

On Windows Server 2003, this is the default logging directory for the Hypertext Transfer Protocol (HTTP) APIs, better known by the kernel level http.sys driver. Chances are, you don't know that this directory exists, and what is logged there (except that when you are looking right now, you will be surprised how big that directory is!).

When you are using IIS 6.0, all requests are first received by http.sys, and then passed on to IIS - previously, IIS itself was listening for requests. Http.sys is passing on the requests intelligently, which means that certain requests never even reach IIS. For example, invalid URLs are caught:

2006-02-23 19:05:00 172.179.161.165 1422 195.234.231.66 80 HTTP/1.1 GET /serv<script%20language= 400 - URL -

Most oftentimes it is simple connection timeouts, but to get the most out of the (huge) log files, you should be using LogParser anyways.

The reason why I started this blog entry is actually this: if you don't like the HTTPERR log files on your system disk, you can relocate them. The procedure is detailed in the article Error logging in HTTP API, which also dives into the format of the log file, and which kinds of errors are actually logged there.

Categories: Administration | IIS
Thursday, 23 February 2006 22:22:46 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 



#  Sunday, 19 February 2006

On my flight to Seattle today (or yesterday, depending on the time zone) I started to read Professional ASP.NET 2.0 Security, Membership, and Role Management by Stefan Schackow. The book definitely is a must-have for every ASP.NET developer, even if you decide to read one chapter only: A Matter of Trust (#3). This one will save you loads of time when you have to deploy an application into non-full trust environments. However, the other chapters are worthwhile too, like #2 which details exactly which identity is used when by what part of the engine. Bottomline: highly recommended reading.

Categories: .NET | 2 Ohhhh | ASP.NET | Books | Security
Sunday, 19 February 2006 09:21:00 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 



#  Monday, 06 February 2006

Will be there Wednesday & Thursday as ATE (Ask the Experts), so drop by in the experts zone and say hello!

Monday, 06 February 2006 14:56:39 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 



#  Thursday, 02 February 2006

Because I wanted to create a DVD cover, I decided to install CorelDraw 10 (fine for what I need) onto my box. However, it very much refused to cooperate:

It told me that it expects NT4 through 2000 as an operating system, however, that it cannot detect my current OS (the blank third column). And that's the story. No CorelDraw for me on the x64 box. Grrrrr.

Update No dice on 32-Bit Vista (December CTP) either. Setup completely craps there. Well, so the final option is to install CorelDraw 10 in a 32-Bit virtual machine on my x64 box...

Categories: this | x64
Thursday, 02 February 2006 12:42:21 (W. Europe Standard Time, UTC+01:00)  #    Comments [2]

 



#  Wednesday, 01 February 2006

Guess why I requested to change the password - because PayPal wouldn't let me login with my perfectly valid - and correctly typed - password. And now, when I finally gave in and am in the process of changing the password, it finally remembers that the very same password is currently active. Selective amnesia I suppose.

Categories: this
Wednesday, 01 February 2006 18:08:35 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 

THE security scanner has been made available in version 4.0. Nmap is a tool you should not miss out on when you are in need of scanning networks and hosts.

Categories: Cool Download | Security
Wednesday, 01 February 2006 08:48:16 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 



#  Thursday, 26 January 2006

All I wanted to do was post this screenshot to a DasBlog-powered blog:

So as usual, I went to Add Image / Browse... and end up in my user account folder with no useable subfolders thanks to the new restrictions. I fiddled for almost 15 minutes until I gave up - and copied the image to my XP box!

Note to self: next time, install Firefox right away.

Categories: this
Thursday, 26 January 2006 14:14:59 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 

Today, I got this message when I tried to access Microsoft Update on my Windows Server 2003 box. It told me that it either didn't find the control, or that it wasn't installed - and that I should look out for that yellowish bar advertising an ActiveX install attempt. Well...

After some hair pulling, Stephan pointed me to the article ActiveX controls may not load as expected in Internet Explorer due to defense in depth changes introduced in cumulative security update 896688. The downloadable olereg.vbs did the trick - WU is now back in business.

Categories: Administration
Thursday, 26 January 2006 11:35:16 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 



© Copyright 2017 Christoph Wille

newtelligence dasBlog 2.3.9074.18820
Subscribe to this weblog's RSS feed with SharpReader, Radio Userland, NewsGator or any other aggregator listening on port 5335 by clicking this button.   RSS 2.0|Atom 1.0  Send mail to the author(s)

 
Don't contact us via this (fleischfalle@alphasierrapapa.com) email address.