Archives
-
CodeSmith Updated (Spread the Word)
CodeSmith is one of the best apps to happen to development and it's been updated to version 2.6. The update mainly contains improvments to CodeSmith Studio (a VS-style IDE for developing templates); for those of you (us?) who rely mainly on the free CodeSmith Explorer it contains a number of minor fixes to make it a worthwhile install.
-
Validating Strong Pass Phrases Snippet
In case you missed it, the title isn't "Validating Strong Passwords" because by now the inherent weaknesses of traditional passwords are well-known. Even with pass phrases, enforcing "strong" by policy is a good idea to boost entropy.
-
Show All Cookies Snippet
This is a static method to display all cookies associated with the current domain. Wherever you use it, be sure to include System.Text and System.Web. This is essentially a C# translation of code found in Mike Pope's MSDN article "Basics of Cookies in ASP.NET," updated to use a StringBuilder and provide the output as an HTML table.
-
URLScan Security Component for Windows NT/2000 Servers and IIS 5.x
While most people know and use the IIS Lockdown tool, few install the URLScan companion piece. I strongly recommend that this utility be installed on all servers running IIS 5.x, this is as important as staying up to date with critical fixes. Much of the functionality is available in IIS6, but why wait to upgrade when you can get that peace of mind for free today?
From the summary: "URLScan is an ISAPI filter that allows Web site administrators to restrict the kind of HTTP requests that the server will process. By blocking specific HTTP requests, the URLScan filter prevents potentially harmful requests from reaching the server and causing damage."
Many features provided by URLScan are baked into IIS6, other potential problems are avoided entirely by IIS6's redesigned page and security models. The URLScan home page provides an excellent walk-through of URLScan features vs. built-in IIS6 functionality.
Still running ASP.NET sites on IIS5? Install it! -
Customizing SharePoint Themes and Site Templates
SharePoint makes use of FrontPage Themes, but FrontPage doesn't make it easy to get at the files which make up a theme. First some background and then we'll look at how to get more control over building and deploying a theme.
-
Surveillance: The Novel
Scott Cate is a busy guy. User group leader. ASPInsider. KBAlertz guy. myKB guy. And now, Novelist. The book is called Surveillance and it's in its first limited printing, of which copies are running out. My copy is on the way and judging by the pieces posted on the website, it should be a great read. Check it out!
-
Another Great SharePoint Weblog
While searching for a reference on uploading and implementing a new set of gradient images for a site, I stumbld on Mads Haugbø Nissen's Weblog. It's chock-full of useful discoveries with a focus on SPS/WSS customization. Subscribed.
-
Password policy and a recent virus
My current client is being hit with a virus that seems to be hitting LDAP / AD to pick up usernames and then running dictionary attacks on those accounts (against Exchange in their case). The end result is that a mass of accounts on this company's network were locked out.
-
Tablet Resources
I've stumbled on two good resources recently for Tablet development.
-
SharePoint Snippet: I've already logged in, stop asking.
A SharePoint KB article was posted today that's more like a FAQ item, and it got me thinking about all the other "oh yeah [slaps forehead]" things I figured out while setting up and configuring SPS/WSS sites. I've been wondering what sort of SharePoint posts to write and beginner snippets like this make good sense so expect more.
-
Microsoft Solutions Framework 4 Beta
It's been said that MSF gets a major upgrade in the Whidbey / VSTS timeframe, and here is an early look. Paul Haynes and Rob Caron own the GotDotNet workspace for the Microsoft Solutions Framework Version 4.0, Beta: Workspace Home, and it looks good! I'm really looking forward to seeing these documents fall into place, and it already makes an interesting read in relation to the features of VSTS. Exciting, productive times ahead.