Tag | Security Posts

Starting in mid July, Microsoft will be selling Office by subscription. Including Office will be a security software program called Live One Care. The costs will be $70 a year. Even though Google has free web based programs that compete with Office, many students and teachers still prefer to use Office. This announcement is a win win and you can purchase the product at Circuit City. Technorati Tags: Office,Microsoft,Circuit City ...
I have decided to start a blog, I plan on posting solutions & tips for other developers to use in all things .NET and also post any other interesting facts and activities that I feel would be of importance to others. I also hope that readers of this blog may be able to help with providing answers to my questions too. Anyway, I am currently working on 2 projects over on Code Plex (there is a 3rd in the pipeline-that uses these 2 libraries): www.codeplex.com/DotNetLibrary The Dot Net Library contains ...
Windows CE 6.0 introduces some new security features including new meaning for User Mode and Kernel Mode. Loosely speaking, Kernel Mode has access to the system’s resources and User Mode is greatly restricted. One of the new restrictions on User Mode code is that calls to KernelIoControl are limited to the following OEMIoControl IOCTLs: IOCTL_HAL_GET_CACHE_INFO IOCTL_HAL_GET_DEVICE_INFO IOCTL_HAL_GET_DEVICEID IOCTL_HAL_GET_UUID IOCTL_PROCESSOR_INFORMATION As an OEM you can change this to allow access ...
[Source: http://geekswithblogs.net/E... The Enterprise Single Sign On database can function as a centralized configuration store, as well as an identity store, which is available to all BizTalk instances in a group, and also to custom .Net apps. For a clear explanation of the benefits and drawbacks of the EntSSO approach (and the alternative options), see Michael Stephenson's post Where do I store my custom configuration for a BizTalk solution. Here I'll look at overcoming some of the practical ...
Do you need training on PerformancePoint Server? New Horizons of MN in partnership with Solid Quality Mentors has a class coming up the week of July 7 in Edina MN. Link for more information: http://www.nhmn.com/Courses... Course Title: Microsoft Office PerformancePoint Server 2007 End-to-End Class Overview Written and delivered by industry experts, this five-day course provides students with the technical skills required to design, develop and manage solutions using ...
Here's a great blog post on the US ISV Developer Evangelism Team blog that talks about Best Practices Security Tools that help ISV's Protect Against Web Attacks. http://blogs.msdn.com/usisv... You can also check out the following link, to learn more about how you can protect your Web site from SQL Injection: Microsoft Security Advisory (954462): Rise in SQL Injection Attacks Exploiting Unverified User Data. ...
Just a reminder that the Tampa Bay IASA June meeting is this Thursday night (June 26th) starting at 6:30 PM. Please be sure to register so we have an idea of how many pizzas to order, and remember that the outside doors lock and the elevators need a security key after 7:00 PM. Don't forget to sign up for our free newsletter! Dependency Injection using the Microsoft Unity Application Block The Microsoft Unity Application Block is a lightweight Dependency Injection Container that is currently being ...
As I've been helping out with VMware I wanted to consider the old question of whether developers really could work inside virtual environments? As we know virtual environments can help maximise under utilised resources, CPU, RAM, diskspace and save on space, power, HVAC and TCO with centralised support and maintenance. Another main advantage of virtualised environments that is particularly attract to many developers is the ability to remote work which is a requirement that has become far more common ...
We have started an initiative this year. We call it End2End Automated Testing. The idea is based on a couple of factors. Many times in the past we have not had an easy way to verify our configuration, security and deployment to an environment in an automated way. The second is that regression testing is a very arduous process for our QA staff when it must be completed. How do we give time back to our testers and verify everything in a given environment is correct? With automation of course! So what ...
Once upon a time there was a little girl called Privacy. Privacy had a rough childhood, having suffered a lot while trying to grow up, and being invaded and broken several times. Her mother, Civil Liberty, tried to create a better environment for her whenever it was possible, but Government, a man hungry for power, was always trying tear little Privacy into pieces. The thing was that Privacy had the keys to several places that Government wanted to go to but Privacy wouldn't open the doors all the ...
Today I was moving a prototype dashboard off a virtual server onto a development server. I saved the workspace file and copied it over and I got the following error when I clicked the test button in the data source page - "Unable to connect to the specified server. Make sure the address is correct" This was a bit puzzling as it was connecting to "localhost" so it should have worked fine on the dev server. If you do a search in your favorite search engine for this error you will possibly come across ...
So if you have a look at the MSTSC.EXE file that starts the RDP session and use the /? to call further info from the component you get something very much like this: But if you dig a just a touch deeper you will find that the MS Terminal Services Client or RDP Client as it is more commonly known draws the config information for most of its settings from the simple DEFAULT.RDP file that will typically be saved in the Users profile. (see example below) So if you want to make changes to the way it behaves ...
Read this on foxnews today. I had to laugh. Having been a system admin, all I can think is duh? Have they never read BOFH? If you don't know what it is, read it here and here. Several notes: 1. We don't need to change our passwords as often. We don't write them down on sticky notes and post them on our desks. We don't give them out over the phone in restaurants (I overheard a bank teller's username and password once in a restaurant while she was on lunch break . . .), and we practice safe computing. ...
If you are still writing code using .Net 2.0, why? WCF rocks! I don't usually get excited about development technologies but this one I do! WCF really does save time and large amounts of connectivity code and makes a big difference in SOA projects, this I discovered awhile ago when WCF was code-named Indigo. From a SOA perspective, the most important reason to use .Net 3.5 is the ability to use WF and WCF together. Before hand it wasn't really possible so an upgrade to Visual Studio 2008 is well ...
We should install the certificate to the server that hosts the services with Transport level security. For tests we could use the self-made certificate, for production we recommend to use the certificate issued by the industrial certificate provider as the VeriSign. 1. Install Microsoft .NET Framework 2.0 Software Development Kit (SDK) (x64) [http://www.microsoft.com/d... It is installed by default to the "C:\Program ...
My second session at the TechPulse Conference is a topic called "Small Business Server 2008: Sneak Peak" presented by MyTechPartners and Success Computer Consulting (both together presented). Again, another great presentation style. They copresented and complimented each other well. The banter was back and forth and you could tell that these two organizations partner well together. Another great session guys.... Key points from the session: Who is SBS 2008 Designed for? Small (5-75 users) organizations ...
The July Chicago Architecture Group meeting will be held at the Downers Grove Microsoft office. Mike Smialek of Daugherty Business Solutions will be speaking on the Evolutioin of Architecture. Please join us and meet your peers in the Chicago architecture community. You need to pre-register because of building security and it also helps us to know how much food to order. Please visit the link below. http://chicagoarchitectsgro... ...
Windows CE supports starting applications in the \Startup folder when Windows Explorer starts, but doesn’t automatically run applications on removable media when the media is inserted. It would be nice to have that ability for some devices, although tread lightly with this if security is an issue. The following code example demonstrates how to use the Message Queue Point-to-Point functions and Storage Manager API to detect insertion of removable media and then launch exe files found in a Startup ...
I needed to get TFS 2008 (both the server alerts and TFS web access) to send emails over a secure SMTP relay. "Easy", I thought. I remembered setting up SMTP username/password during the web access setup, at least, so I'll verify settings, and then it should just work. I couldn't be more wrong. Through peeling back the covers and discovery, I found myself saddened at the SMTP implementation in TFS. I can only hope that this is changed in a future service pack for TFS 2008, or at the very least, Rosario. ...
As we use more and more virtual machines, particularly for development, there is a risk because they don't get updated by pushing critical security or virus updates and then they are fired up six months later we can have a security problem. Microsoft has a solution for their virtual machine environment adding to the virtual machine management tooling - the Offline Virtual Machine Servicing Tool. This turns on your VMs, updates them and shuts them down automatically. You can find information about ...
Okay, I didnt know what to expect this being my first Apple WWDC. I am a vetran of ten Microsoft TechEd’s and a couple MECs. For the most part, Microsoft has cold the logistics of feeding, moving and running over ten thousand people around in an orderly fashion. People would joke about the strictness of the lunch ushers or the “soda and cookie nazis” that guarded the coolers and treats until just the right moment. We laughed at the guards that made us go a certain way and managed the ebb and flow ...
Mental note: Never fly United ever, ever again. Please cancel my United frequent flyer membership and flush all my miles down the proverbial toilet on one of your crappy planes. We all know how bad off the airline industry is. They are limping along, or at best, trying to ‘reinvent’ themselves in to some kind of relevancy while slowly stripping us of benefits and things that were once standard wherever you flew. Now you pay for your luggage, you only get a granola bar for your $1200 first class seat ...
This time I would like to show, how to create full screen in Silverlight 2.0 RTW. Changing application to full screen using only "Application.Current.Host.C... is nothing special because only web browser's window is changing. Our application, have still the same size like before switching to full screen state. So how to resize application, so it will change simultaneously with web browser? Solution is very simple and all we have to do is use transformations. Let's start with simple ...
Everyone is streaming in trying to find the optimal seat. After four hours of waiting in line, I don’t care where I sit just as long as I am sitting. There are large plasmas all over the place which is good – from my vantage point, Jobs is going to be a dot. Huge applause – Al Gore is here in the audience. From my seat: More cheesy pre-show music … 10:01 AM PST Still waiting, people still streaming in. Whomever was in charge of the herd\logistics should be shot. Microsoft owns them in this regard ...
Back to Universal Studios for the Attendee Party, and a good time was had by all! Part of the park was closed off to us (I believe because of another party that seemed to be going on), but we still had a HUGE area to ourselves, and the majority of the attractions. All the food, drinks, and booze were free as well. Unfortunately the hours we had there were cut from 6 - 11 to 8 - 11. Now, you might think that three hours was alot of time...but not when lineups for the more popular rides were between ...
I still haven't found a very convenient way to listen to Audible books. I don't want to go out and buy a new phone or a new mp3 player just so that it will work with Audible's unnecessary restrictions. Burning to CD's is a bad option because at a minimum of 14+ cd's per book, its just wasteful. CDRW's are out because the cd player in my car can't read them. Audible's software players are decent, but they are only supported on the desktop (I don't want to listen to books on my desktop) and specific ...
I’m attending the first heat of Speaker Idol here at Tech Ed...I'm competing in the third heat and want to "scope out the competition". The judges are Steve Smith, Yasir from Austria, Mark Dunn, and Scott Stansfield (winner from last year). Rachel Appel is up first. She’s going to be talking about Dynamic Data. OMG, she’s using Northwind…I just heard Scott Hanselman from accross the convention center scream “NOOOOOOOOOO…”. Honestly I haven’t looked into Dynamic Data much, but I see that its using ...
Roles in Perth, Scotland Business Analyst Support Analyst/Programmers for Home Services systems Roles in Basingstoke, England Analyst/Programmers for Energy Sales systems with C#.Net or PL/SQL skills Roles in Havant, England Project Managers Business Analysts Senior Analyst/Programmers with ORACLE skills Analyst/Programmers with ORACLE skills Analyst/Programmers with ORACLE E Business Suite skills Lead Systems Designers IT Security Engineers Database Administrators (DBAs) ORACLE or SQL Server skills ...
So yesterday was the day before leaving for Tech Ed, and so I decided that it would be the *perfect* time to finally upgrade my travel laptop to Windows Server 2008. I mean seriously, how hard could it be?! Well...for the most part it wasn't. I actually really like having Server 2008 on my machine, except for one small issue that has become the dealbreaker...but let me just gloss over some things quickly for those thinking of doing the same thing: - When you install Server 2008, just do Standard ...
Datacenter Knowledge has 2 posts up about Switch Communications new datacenter in Las Vegas, which they are claiming is the highest-density datacenter in the world. http://www.datacenterknowle... http://www.datacenterknowle... Switch Communications says it is successfully cooling a section of its Las Vegas data center running at nearly 1,500 watts per square ...
I spent some time playing with the security and Work Item Templates in TFS in an attempt to figure out how the "Assign To:" property works. The Work Item Template allows you to edit the Suggested Values property of this field. Here is what I found: <FIELD name="Assigned To" refname="System.AssignedTo" type="String" reportable="dimension"> <SUGGESTEDVALUES> <LISTITEM value="[Project ]\Contributors" /> </SUGGESTEDVALUES> </FIELD> Displays in the dropdown: All users in ...
After creating your team project you need to set up the roles and users for your team members. There are three main places that you need to do this: The Visual Studio project, the project portal, and the report site. The easiest way to manage your TFS security is to create AD groups and populate them with the appropriate users. If you choose to use AD groups to manage your group memberships, you will end up with four types of groups: AD (Windows) groups, Team Project Groups, Team Foundation Server ...
Finally after spending hours building 3 servers (to do the job of the primary, mirror and witness) and installing SQL Server 2005 Enterprise with SP2 all sitting in the same domain. I was ready to try out Database Mirroring which arguably is one of the main reason people can justify the cost of purchasing the Enterprise edition. It should be easy, fill in the wizard and bob's your uncle, your trusty database is ready for instant uninterrupted failover goodness. In my case it all fell over with the ...
You may have heard, some folks are wondering why they haven't received a stimulus check like everyone else. You may have even heard ME bitching about it, or maybe you're one of the ones affected. Here's what I got in my inbox today: Dear Valued Customer, We want to provide you with the most up–to–date information about the tax rebate to which you may be entitled. Recently, you may have received a letter from the IRS advising you when to expect your Economic Stimulus Payment (rebate). That IRS letter ...
Don't be scared o thef Universal Print Driver! Printing is the biggest pain for most XenApp (formerly Presentation Server) administrators. My friends, don’t be afraid of the Universal Print Driver (UPD). Sure, there might be limitations to the UPD. However if you are running PS 4.0 or 4.5 there are few cases where you would need to install native drivers and 3rd party drivers. CITRIX METAFRAME XP (Universal Print Driver) · black and white printing · no advanced functions CITRIX METAFRAME PRESENTATION ...
So here is something silly I was running up against. In the end its super simple, but its not obvious, and not easy to google for. I want to equip the new servers are are installing with a standard weekly reboot schedule. I created a batch file that launched shutdown.exe with some fancy parameters, and set this up as a scheduled task for each server. I created a special domain account called sa-scheduledreboot with normal user rights, and rights to access the share, and of course the famous "log ...
What is Microsoft Windows SharePoint Services? How is it related to Microsoft Office SharePoint Server 2007? 2 What is Microsoft SharePoint Portal Server? 3 What is Microsoft Windows Services? 4 What is the relationship between Microsoft SharePoint Portal Server and Microsoft Windows Services? 5 Who is Office SharePoint Server 2007 designed for? 6 What are the main benefits of Office SharePoint Server 2007? 7 What is the difference between Microsoft Office SharePoint Server 2007 for Internet sites ...
My only disappointment is that we are currently in the middle of moving our current Solutions Centre from one Office location to the other so it'll be some while before I get a chance to test this. It certainly looks quite impressive and it does have some lofty aims, but from a brief look through as well as their well deserved reputation based on Flex Profiles I'm sure this will stand up to it's promises. Test Scenario’s With login VSI you can compare many different scenarios: • VDI vs. SBC • VMware, ...
When one of our departments decided to store sensitive reports, the architecture I first considered was storing them, unencrypted, in our imaging system. The imaging system cannot manage encrypted documents, but its security capabilities allow it to to deny unauthorized users access to the reports. This ability to restrict access seemed to meet our security requirements. Then I started asking questions about data backups. Offsite backups can be a major security vulnerability, as we have recently ...
Ive been doing a little research recently about the B2B capabilities of BizTalk. Based on the content currently available I thought it might be useful to have a B2B 101 style article with some background information and links to useful resources. so here goes! Background BizTalk is an integration and business process platform which can help you develop different kinds of solutions (BPM, EAI, ESB etc). One of the key scenarios which BizTalk allows you to develop solutions for is B2B. BizTalk can act ...
It took about 5 hours to get here (Iowa City) from Minneapolis, not counting a Pizza Hut stop around the halfway mark. I didn't see much corn (wrong time of year) but I did see plenty of corn fields and windmills... lots and lots of windmills. The weather sucked for a bit... really heavy rain and almost no visibility for part of it, but we eventually punched through it and got here. Checked into the hotel... hmm, not so great. It's kind of a dive and the security lock is busted off my door. That's ...
"Good morning everybody, you're tuned to Computers 2K8 on sports radio 850 The Buzz" and so began today's show as we do every Sunday morning from 8am - 10am here in Raleigh, NC. You can download the show from the show's website or you can listen do us live as we stream the show across the web. Vista Tip of the Day: Running Legacy Data in Compatibility Mode If you're having a problem running older software in Vista you might want to try running in compatibility mode. Here's how: 1) Right-click on ...
I might as well put in my two cents on saving Windows XP from extinction. I’ve tinkered around with Vista a little bit and the interface is pretty cool as long as you have the hardware to run it. Overall it looks good and does have more, albeit annoying, security features. Minor gripes would include changing items in the control panel that have been the same for years. My major gripe would be directly related to work and I’m sure other developers have already voiced this as well. The gripe would ...
It is quite easy to say that the IT world is a diverse world. For instance, it is quite rare that you would find an enterprise that is built upon a single vendor’s technology stack. Instead, you most likely find that a company is made up of a patchwork of systems. Some of the systems are based upon UNIX, some Microsoft, and some others (sometimes items that are considered legacy). A company’s software and data repositories are something that grows quite organically over time. Usually you will find ...
Employee Info Starter Kit is a starter kit, which includes very simple user requirements, where we can create, read, update ad delete (crud) the employee info of a company. The primary purpose of this starter kit is, to provide a solid guideline with respect to building enterprise level projects, by utilizing new asp.net 2.0 and sql server 2005 features, as well as latest best coding practices. The starter kit includes several cases where we can perform multi-table joining and/or write operations. ...
Just a reminder that the Tampa Bay IASA February meeting is Thursday night (April 24th) starting at 6:30 PM. This is an open discussion meeting, so bring your architecture problems, and depending on how many people we have and how many problems we may split up into small groups or try to solve problems one at a time. Please be sure to register so we have an idea of how many pizzas to order, and remember that the outside doors lock and the elevators need a security key after 7:00 PM. Technorati Tags: ...
The first thing developers starting to implement Windows Communication Foundation (WCF) should know is the difference between the BasicHttpBinding and the WSHttpBinding. This is very important as the BasicHttpBinding has some major drawbacks compared to the WSHttpBinding. From the functional view it makes no difference, it's just a client invoking an operation on a service, but there is a world of difference concerning the low level exchange of SOAP packets to achieve this. BasicHttpBinding is there ...
I am getting the message: "Unable to set permissions on the shared documents home folder" This is probably happening because the needed membership in the security groups for EDI/SQL roles aren't set up all the way through, it is likely some of it is set up already and some of it isn't -- so when your bts service account is trying to execute EDI, you see this sort of error. To correct this, try these quick few steps first. If all else fails, Microsoft has an online reference: http://msdn2.microsoft.com/... ...
I recently had a requirement to interop with a web service (written in Java, not that it matters all that much what it was written in) with a quasi-unique set of security requirements. They were as follows: SOAP 1.1 Transport security was an option. Production endpoint was using SSL; test endpoint was not. Need the flexibility to turn this on or off. Message Security consisted of two tokens (both WS-Security 1.0) Unsigned username token with plaintext password (forget the argument about plain text ...
CIPS Regina has done an incredible job setting up a 2 day seminar May 13 - 14th in Regina, SK. This seminar has Tech, Business and Student tracks on the first day; Tech and Business tracks on the second day. Dr. Venkat Subramaniam, is the feature presenter at this seminar. Dr. Venkat Subramaniam, founder of Agile Developer, Inc., has trained and mentored thousands of software developers in the US, Canada, Europe, and Asia. He has significant experience in architecture, design, and development of ...