<2006 April>

On this page...



Member of...

ASP Insiders

MVP Visual Developer ASP/ASP.NET

Enter CodeZone

Blog Categories



Deutsche Resourcen


Sign In

#  Tuesday, 18 April 2006

A friend of mine pointed me to the article The Windows Vista Developer Story: Application Compatibility, Migration, and Interoperability quite some time ago (shame on me for not mentioning it earlier). It is a very useful resource when you have to deal with adapting existing applications for the changes that come with Windows Vista.

Topics of this article include:

  • Thirty-Minute Compatibility Check
  • Operating System Versioning
  • User Account Control
  • Windows Resource Protection (WRP)
  • Internet Explorer Protected Mode
  • Windows Vista 64-bit
  • Microsoft Graphical Identification and Authentication (GINA)
  • Session 0 Isolation
  • Networking: TCP/IP Stack and the Windows Filtering Platform
  • Networking: Kernel Mode IP Helper APIs
  • Networking: IPv6
  • Compatibility Risks
Categories: Longhorn
Tuesday, 18 April 2006 07:41:31 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]


#  Thursday, 13 April 2006

If you ever consider using NGen with your .NET applications, then you simply MUST read the article The Performance Benefits of NGen in the current issue of MSDN Magazine. It can't get any more authoritative than that (the author Surupa Biswas works on the runtime's back-end compiler and focuses primarily on pre-compilation technologies).

Categories: .NET | 2 Ohhhh
Thursday, 13 April 2006 16:17:29 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]


#  Wednesday, 12 April 2006

During the MVP Open Day in Munich last week (Friday & Saturday), we had a presentation by Talhah Mir (ACE Team, Threat Modeling blogs) on threat modeling - which (I hope) everyone is familiar by now. During the talk, he pointed us to an interesting resource: A Chronology of Data Breaches from the Privacy Rights Clearinghouse. Quite an interesting list of incidents, which gives you an idea of the ratio of actual hacking vs dishonest insider, as well as other types of security breaches.

Categories: Community | Security
Wednesday, 12 April 2006 10:20:38 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]


#  Wednesday, 05 April 2006

There is one feature coming with IIS 7 (http.sys, as such it is more an OS feature) that I have been waiting for a long time: being able to see what's in the kernel cache! The key to this new supercool feature is the netsh command:

C:\Users\Administrator>netsh http show cachestate ?
Usage: show cachestate [[url=]<string>]
    Tag       Value
    url   -   Fully qualified URL. If unspecified, implies all
              URLs. The URL could also be a prefix to registered URLs
Remarks: This command lists all resources and their associated properties
         that are cached in HTTP response cache or displays a single
         resource and its associated properties.
      show cachestate url=http://www.myhost.com:80/myresource
      show cachestate

Some information can be obtained in the article New Networking Features in Windows Server "Longhorn" and Windows Vista (you can even flush the cache), and here is how it works if you browse to the default Web site of IIS 7:

C:\Users\Administrator>netsh http show cachestate http://localhost
Snapshot of HTTP response cache:
URL: http://localhost:80/pagerror.gif
    Status code: 200
    HTTP verb: GET
    Cache policy type: User invalidates
    Creation time: 2006.3.21:23.30.16:0
    Request queue name: DefaultAppPool
    Headers length: 187
    Content length: 2806
    Hit count: 1
    Force disconnect after serving: FALSE
URL: http://localhost:80/iisstart.htm
    Status code: 200
    HTTP verb: GET
    Cache policy type: User invalidates
    Creation time: 2006.3.21:23.30.14:0
    Request queue name: DefaultAppPool
    Headers length: 233
    Content length: 774
    Hit count: 1
    Force disconnect after serving: FALSE

Tracking caching behavior will be so much easier.

Categories: IIS | Longhorn
Wednesday, 05 April 2006 13:23:23 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]


Categories: IIS | Longhorn
Wednesday, 05 April 2006 10:37:42 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]


Aside from disabling UAP, I also went back to THE Administrator account. Doing so can get quite messy unless you join your Vista box to a domain, as outlined in the blog entry Trouble signing on as THE Administrator on 5308? Now I have access to applicationHost.config again. Good security does get in the way, but this is just way too onerous.

Categories: Longhorn | Security
Wednesday, 05 April 2006 10:20:04 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]


After 'killing' three Vista installations yesterday, laziness got the better of me. I launched msconfig.exe, went to the Tools tab, and did this:

A reboot later I am a happy (and no longer annoyed) camper. Security obviously went out the window, however, I don't think this installation will live long enough either for this to be an issue.

Categories: Longhorn | Security
Wednesday, 05 April 2006 08:48:51 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]


#  Wednesday, 29 March 2006

If you need to find out just what devices are running Web services in your network (aside from the obvious Web servers, this includes nowadays printers, access points and many more), then you should check out httprint. It doesn't rely on server banners or fall for other obfuscation techniques, so it is quite handy to find out just what software is running on that box.

Categories: Administration | IIS | Security
Wednesday, 29 March 2006 15:14:01 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]


#  Tuesday, 28 March 2006

In case you need it too: Configuring SSL Host Headers shows you how to get up and running with one IP, port and certificate but multiple host headers. All you need is a wildcard certificate (learn more here) and some CLI magic because there is no UI for it. Basically, it boils down to (for example):

adsutil.vbs set w3svc/siteid/SecureBindings ":443:host.wildcarddomain.com"

Categories: Administration | IIS | Security
Tuesday, 28 March 2006 19:33:32 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]


Don't know how this one could slip by me - Windows Server 2003 Service Pack 1 (SP1) shipped a rather important update: you can run SSL in kernel mode (http.sys) instead of user mode. There are restrictions which are detailed here (most B2C SSL sites will do just fine), and the procedure to enable kernel-mode SSL shows how to get up and running in no time. Mostly you are only dealing with the registry key HKLM\System\CurrentControlSet\Services\HTTP\Parameters\EnableKernelSSL.

Categories: Administration | IIS | Security
Tuesday, 28 March 2006 19:24:04 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]


© Copyright 2018 Christoph Wille

newtelligence dasBlog 2.3.9074.18820
Subscribe to this weblog's RSS feed with SharpReader, Radio Userland, NewsGator or any other aggregator listening on port 5335 by clicking this button.   RSS 2.0|Atom 1.0  Send mail to the author(s)

Don't contact us via this (fleischfalle@alphasierrapapa.com) email address.