Home  |   Contact  |   Syndication    |   Login
  105 Posts | 0 Stories | 36 Comments | 29 Trackbacks



Post Categories


Design Patterns

Recommended Books

Wednesday, October 3, 2012 #

Kalculate Charity Drive

When: Saturday October 27, 2012 midnight to midnight PDT

Rules: The creators of Kalculate will donate a dollar to charity for every registered user that plays a full online game--up to a maximum of $1400! All you have to do is play.

About the Game

Kalculate is a you vs. the Internet style game for math lovers. The rules are simple: answer as many math problems as you can in 90 seconds. At the end of each round, Kalculate will tally up all the scores and show you where you ranked relative to others currently playing.

Tip: answering 3 questions in 10 seconds earns you a score multiplier


If you prefer to just practice and stay out of the competition, there's an offline mode that allows you to play solo.

Kalculate is free (ad-supported) and can be downloaded here.


Tuesday, March 25, 2008 #

How many IP addresses does IPv6 support? Well, without knowing the exact implementation details, we can get a rough estimate based on the fact that it uses 128 bits. So 2 to the power of 128 ends up being 340,282,366,920,938,000,000,000,000,000,000,000,000 unique IP addresses.

Well, we know that sounds like a lot, but this blurb from really puts it in perspective:

"approximately 5×1028 addresses for each of the roughly 6.5 billion people alive today. In a different perspective, this is 252 addresses for every star in the known universe – a million times as many addresses per star than IPv4 supported for our single planet"

Tuesday, February 26, 2008 #

Last week I attended the Black Hat DC 2008 Briefings. The following is a list of the presentations I saw, the key concepts discussed as well as things I found interesting or didn’t know.

Summary of Black Hat DC 2008 Briefings


DAY 1 - Web App Track


Preparing for the Cross Site Request Forgery Defense

·         A cross site request forgery (CSRF) can be used to force users to submit data to online web applications, sometimes manipulating their local cache or history.

·         This vulnerability could make a user run a search query, fetch arbitrary image files or pages as well as post messages to online forums, or even manipulate their account.

·         Two demos showed how this could be done using Netflix and Google.

·         Basic way to prevent CSRF is to always require one parameter that the attacker would not know


Threats to the 2008 Presidential Election

·         Online donations for presidential campaigns have been used more than ever in 2008

·         Typo squatting such as (mistype of is easy way people can get trapped or tricked

·         Email squatting, for example, emails to go to the unintended recipient

·         Phishing sites that redirect donations to opposing candidate, the phisher or someone other than the intended candidate

·         Denial of services attacks are possible by a high-number of small transaction donations at one time

·         Browser data leakage, using a CSS link visited feature, website can determine whether you’ve viewed a webpage before

·         Monitoring of people’s communications (i.e. FlexiSpy receives copies of SMS, call logs, emails and lets you listen to conversations on mobile device)

·         Ransomware could be a virus, Trojan, or worm that encrypts your data and demands a ransom for it’s restoration


Bad Sushi: Beating Phishers at their Own Game

· is a collaborative website for tracking phishers on the Internet and has an open API for developers to integrate anti-phishing into applications

·         Reality is scary, simple Google searches such as “Spam ReZulT” return numerous compromised online identities

·         Phishing is easy, a number of phishing kits have been developed and are just copied, edited, and reused in most cases

·         Phishers even phish each other, the author of a phish kit builds in his/her own feedback loop, which other phishers may or may not notice when modifying and reusing

·         Root problem is that static identifiers & passwords are often used, resolution is to use two-factor authentication

·         (ATMs are a target as well, ATM skimmers steal swipes of your debit card and record keypad touches)


URI Use and Abuse

·         Some software such as Trillian, iTunes, Picasa expose a custom URI (for example, picasa://) that can be used in a browser

·         This opens up the attack vector of vulnerabilities in the software to the Internet

·         Registered URIs are kept in the registry of Windows (Macs have them too)

·         Demos included using an exploit in Adobe Reader to cause a buffer overflow and using Google’s Picasa to steal the user’s pictures


Scanning Applications 2.0

·         Web Hacking Incidents Database (WHID) is Web Application Security Consortium project dedicated to maintaining a list of web application related security incidents

·         Web 2.0 applications differ from traditional ones in that they usually leverage dynamic client-side scripting and web services (see Pageflakes for numerous examples)

·         Techniques for testing web 2.0 applications include

o   determining the web service type via fingerprinting

o   determining the AJAX library type via fingerprinting

o   fuzzing information structures such as JSON, XML etc.

o   crawling sites with the DOM as opposed to direct links

·         Presenter offers free tools for scanning web 2.0 applications here



DAY 2  - Defense Track


DTRACE: The Reverse Engineer’s Unexpected Swiss Army Knife

·         DTRACE was created at Sun and release with Solaris 10

·         Now in Apple OS X, and soon to be in FreeBSD

·         Allows you to trace an application at runtime in an almost root-kit like way

·         Beauty of it is that it’s built into the OS and was designed to be the least intrusive on the application under trace

·         Uses the language of D, which is a subset of C, but without control-flow constructs

·         DTRACE toolkit gives you templates out of the box for seeing stack analysis, code coverage, heap analysis etc.


Dynamic Taint Propagation: Finding Vulnerabilities Without Attacking

·         Taint propagation is a technique where you track your system code during execution and figure out what values are “tainted” by input that comes from outside

·         A taint propagation tool would track inputs throughout the system and give you test coverage execution information of all possible input paths

·         Fortify is a company that sells products that do this for .NET or Java


(un)Smashing the Stack: Overflows, Countermeasures, and the Real World

·         Recommended reading, How to Writer Buffer Overflows, by Mudge

·         Discussed defense mechanisms (such as StackGuard, DEP, ASLR) that have been built into operating systems to make exploiting overflows harder


Classification and Detection of Application Backdoors

·         Backdoors exist in many applications and are sometimes purposely baked in

·         Types include special credentials to bypass authentication and/or hidden functionality that can be used to do something extra to the system

·         One example was given, the creator of Unix put a backdoor into the login prompt. To prevent people from seeing this backdoor in the code, since it was open-source, he hid the logic for putting the backdoor in the code inside the compiler. To prevent people from seeing that, he only distributed the compiler binaries and not the code. To prevent people from seeing the logic when the disassembled the binaries, he put code in the dissembler that stripped it out. Moral of the story is that backdoors exist many places we don’t know about


Botnet Population and Intelligence Gathering Techniques

·         Botnets usually refers to a group of compromised computers (via a remote access trojan, RAT, for example) remotely controlled by a master

·         They utilize DNS instead of IP addresses since you can create an almost infinite amount of domains using subdomaining and change them to point to new IP addresses

·         Tools out there make it easy to set up a botnet (for instance, using the PoisonIvy trojan)

·         Research at Georgia Tech is using DNS caching distribution patterns to estimate relative size of botnets that exist on the Internet


Information Operation in the Cyber Domain, Immunity Style

·         Presenter was hired for a large-scale targeted attack on a private company

·         This differed from other penetration tests in that they had no time limit

·         They were able to compromise the network first through the email server and monitored all emails

·         Then via a little social engineering and an ActiveX script vulnerability they installed an undetectable shell extension on user’s computers

·         At that point they discovered that there was another segmented network that something was moving between with a USB keychain

·         They modified a USB memory dump tool to write all the data from the keychain to disk and managed to compromise secret data from the segmented network

·         (A Microsoft Research tool called Detours was used as part of the attack!)


Monday, February 4, 2008 # 
(It has links to things such as the C# language specification and a reference guide to the CIL Instruction Set).

Thursday, January 24, 2008 #

Good article on dependency injection using Spring.Net:

Monday, November 12, 2007 #

Many antivirus programs are still susceptible to this evasion technique:

Original post:

News article:

Tuesday, October 30, 2007 #

Default get/set accessors:

public class Person
   public string Name { get; set; }
   public int Age { get; set; }

Property initialization:

Person author = new Person { Name = "Jay Miller", Age = 40 };

From this article:

Monday, August 6, 2007 #

Here is a pretty good introductory article on crypto in .NET:


Tuesday, July 24, 2007 #

I know that I'm going to be looking for this article later so I might as well share it here:

It has some useful PDF utilities as well as others.

Wednesday, July 18, 2007 #

Here are a few goodies I came across for Office Word 2007...

Want help getting started with Word 2007? Add the "Getting Started" ribbon tab inside of Word:

Having trouble with the new Word ribbon (menu) system? Use this interactive guide to help with the transition from the previous menu system to the current ribbon system:

What to save Office documents in the PDF format? Get the free plug-in:

Friday, July 6, 2007 #

This is a huge open-source contribution from Microsoft:

The Distributed Pub/Sub Event System is a solution for cross-process and/or cross-server scenarios where a large amount of event handshaking is required and low latency is important. Basically, this architecture was designed for speed.

Even if you can't think of a usage scenario for this code-base in your stack right now, I strongly encourage you to just crack open the source and take a look. I personally think the design is a prime example of true software engineering craftmanship, which is simply a thing of beauty.

By the way, I was the one who tested this bad boy before it was released. Therefore, I can't claim rights to the elegant design, but I can claim rights to some of the quality--hopefully not the lack thereof!


Friday, June 29, 2007 #

A few good write-ups on performance:


Friday, June 22, 2007 #

This article was inspiring to read. Well, at least 4 out of the 5 ideas sound really cool to me. I don't completely see the benefits of trying to model the human brain with a computer seeing as we don't even understand how it works yet:,1895,2147447,00.asp.

Tuesday, June 12, 2007 #

I just got done with a long afternoon of implementing a Windows Service to self-host my WCF service. It was a bit trickier than I thought it would be so if I can save you the headache I'll be happy.

A good place to start is by reading these two MSDN articles:

Next, you'll want to understand these support articles: (I needed this to get the wsdl stuff working) (need to do this before TcpNetBinding will work) (an example app hosting WCF) (more on self-hosting)

Thursday, June 7, 2007 #

Examples of Traditional Software Development Methodologies



Rational Unified Process (RUP)



Examples of Agile Software Development Methodologies

Extreme Programming


Lean Software Development

Feature Driven Development (FDD)

Dynamic Systems Development Method (DSDM)

A few things I learned today while instrumenting some binaries in preparation for performance profiling:

Resigning a .NET assembly is as simple as opening a VS command prompt and entering:

sn –R MyAssembly.dll MyApplicationKey.snk

Browsing the GAC through Windows Explorer -- open a command prompt and enter:

SUBST L: C:\winnt\assembly

Now you can browser the assembly folder using your L drive. This also makes it easier to reference a DLL in GAC inside a VS project.

(tips taken from: &

Wednesday, June 6, 2007 #

WebDAV & IIS--A remote file access solution to consider:

Tuesday, May 29, 2007 #

I was curious to understand Kerberos on a much deeper level so I decided to gather some resources in order to learn what was really going on under the hood:


Kerberos Explained (Windows Server 2000)

Introduction to Kerberos Webcast (Windows Server 2000);en-us;822248

Kerberos Auth in Windows Server 2003

Kerberos Network Authentication Service (V5)

Monday, May 14, 2007 #

This article reviews three open-source web service testing tools that might be useful if you don't already have one:

Tuesday, April 17, 2007 #

A nice little article on leveraging MSMQ in .NET:,339028399,339274877,00.htm

Tuesday, April 10, 2007 #

Here is a nice overview of the web server usage statistics from the April 2007 Netcraft survey:

Server No. of
Market Share No. of Sites
With .com domains
Apache 66,899,485 58.86% 36,803,903
Microsoft-IIS 35,377,426 31.13% 22,721,673
Unknown 2,761,059 2.43% 2,042,800
Sun-ONE-Web-Server 1,663,476 1.46% 1,244,246
lighttpd 1,382,843 1.22% 1,182,516
Oversee 845,404 0.74% 726,754
Zeus 488,838 0.43% 154,088
Netscape-Enterprise 241,852 0.21% 122,194
Rapidsite 194,758 0.17% 109,697
tigershark 189,791 0.17% 144,721
thttpd 142,575 0.13% 8,536
Lotus Domino 88,250 0.08% 29,840
AOLServer 70,301 0.06% 3,702
Zope 48,556 0.04% 12,337
WebLogic 29,579 0.03% 16,955
WebSTAR 28,334 0.02% 17,036
Stronghold 22,465 0.02% 13,751
Oracle-Application-Server-10g 17,617 0.02% 7,298
Squid 15,950 0.01% 4,674
4D_WebSTAR_S 11,669 0.01% 5,605
WebSitePro 9,353 0.01% 4,723
WebSite 7,908 0.01% 3,324
Orion 5,745 0.01% 3,738
Xitami 4,602 0.00% 3,248
Roxen WebServer 4,430 0.00% 1,373
Sambar 4,260 0.00% 1,765
Abyss 2,864 0.00% 1,309
Enterprise for NetWare 1,819 0.00% 489
Netscape FastTrack Server 1,472 0.00% 604
WN 1,353 0.00% 107
WebSphere 1,277 0.00% 658
JRun 1,222 0.00% 704
NCSA HTTPd 910 0.00% 206

It shows an already widely-used and gaining in popularity web server called lighttpd that is being used for static content serving in some large-scale scenarios like YouTube and Wikipedia.

Thursday, April 5, 2007 #

A new library website devoted to IT architects:

Wednesday, April 4, 2007 #

A colleague of mine found this great resource of SQL Server whitepapers:

Monday, March 19, 2007 #

If asynchronous programming in ASP.NET is something you haven't been doing, then you'll want to check this article out: Instead of spending more $ on new servers or hardware you might be able to utilize async Pages, Handlers, and Modules to lessen the amount of threads waiting to execute.

This article proposes some great ways of making common sequences of operations on lists more reusable in .NET: It reminds me of some of the built-in set operations that are available in the SmallTalk programming language.