C#

About 8 years ago I was writing scripts to run on a network with over 130.000 computers (of which 5000 I administered). The scripts ran 24/7, parsing computer’s inventory log files, which they sent to a central server. It was possible to detect and fix a whole bunch of issues, most of the time even before a user would notice something was wrong. Note that most of those computers were running Windows NT 4, including the domain controllers. The task to install application in all those computers and keep their anti-virus signature up-to-date was not as trivial as it is today. There were times we needed to perform tasks on computers that weren’t even switched on. And I must admit, back then I was quite proud of the solution I came up with for this particular case. Although it’s not my goal to go into details on how I managed to get any of those 5000 computers, spread in 130 different offices, powered-on at any time; I want to write a little about the core of the solution: Wake on Lan ...

If you are familiar with the mocking framework Moq, you’re used to call Setup with the overload taking a Func<T, TResult> and expect after that the Return<TResult> method to be available. And it’s normally there. However, I just ran into an interesting scenario, where calling the correct overload did not make available the Return<TResult> method. In my case the code being mocked is a dependency that makes a request on a webservice. A mockup of the wrapper class is created, and the Load method, which returns an XDocument, is setup. ...

When you need to push data to a SignalR hub from outside the hub (from a Controller for example), don’t try to create a new instance of the Hub, like I did. Otherwise you’ll see this nice exception: Using a Hub instance not created by the HubPipeline is unsupported From Microsoft.AspNet.SignalR.Core Instead, the hub context must be retrieved: var context = GlobalHost.ConnectionManager.GetHubContext<HubType>(); context.Clients.All.Whatever();

WIF and SAML 2.0 First some background: There is a known issue on WIF (Windows Identity Foundation) for SAML 2.0 that generates cookies with a name being a GUID and the value, base64 encoded data that grows every SAMLRequest the module handles. The decoded value looks like: 0;1;2;3;4;5;6;7;8;9;10;11;12;13;14;15 It starts with small ones but get really, really large. Every client gets one of these cookies and each time they are bigger, to the point that when they are sent back to the server, an HTTP error is thrown: HTTP 400 - Bad Request (Request Header too long) ...

Punycode is used to encode Unicode characters into ASCII for IDN (Internationalized domain name). On the RFC 3492 you’ll find: “Punycode is a simple and efficient transfer encoding syntax designed for use with Internationalized Domain Names in Applications (IDNA). It uniquely and reversibly transforms a Unicode string into an ASCII string.” Now if you are looking for validating TLD (Top level domains), you must have that information in mind. The ICANN list of TLD also contains the IDN ccTLD that started to be included in 2010. ...

When people ask: What would I use a TCP Forwarding tool for? Normally the answer goes like “to eavesdrop someone’s connection”. Most of our connections go over SSL (at least the most important ones) and the certificate would be invalidated in case a MITM would be on going. There are some troubleshooting situations when one would use a TCP forwarding tool as a proxy from one box to another but on what basis this technique/tool is used can vary a lot. ...

ICMP (Internet Control Message Protocol) has been used for data transfer since always. Known as ICMP Tunnel, there are several projects and articles about this, mainly open source, like ICMP-Chat for unix-like that is about 10 years old now. Also an interesting article, explaining how to tunnel TCP over ICMP with a simple command line tool for unix-like environment, also ported to Windows. In case you are not familiar with the idea, a description from Wikipedia follows: ...

Attacks like DDoS or simple web defaces are just vandalism and for sure quite annoying. However, what is considered to be a serious threat is when skilled attackers target one application (or one company), looking for specific information. They dig until they find a security hole, escalate privileges and once they have access to one server, they begin to obtain access to other computer systems within that network. What does it have to do with HttpModules? ...