Alik Levin's
Consulting - Stories from Trenches, Case Studies, and Tech Notes
Browse by Tags
All Tags
»
Deployment Phase
(RSS)
Auditing and Logging
Authentication
Deployment Inspection
Development Phase
IIS 7
Implementation
Inception Phase
Interop
Performance
Planning Phase
Practices
Security
Sensitive Data
Test Phase
Tools
Vista
WCF
Use FREE Tools From IIS Resource Kit To Warm Up Your ASP.NET 1.1 Application By Batch Compilation
Have you noticed that when ASP.NET web application is accessed for the first time the response is slow? The reason for such behavior is batch compilation that occurs on the first hit. ASP.NET batch compilation is the process of compiling ASP.NET markup
Read More...
Performance Sin - Chatty Database Access And Loops (Plus Another Free Performance Tool)
Chatty database access is the surefire way for slow performance caused by resources starvation that might even lead to denial of service. Following is a real world case. Customer Service Unavailable message is consistently observed when there
Read More...
Securing IIS7 - Windows Server 2008 Security Guide
Windows Server 2008 Security Guide is out. It covers many crucial aspects but my favorite of course is IIS7 chapter: Chapter 6: Hardening Web Services This chapter provides prescriptive guidance for hardening the Web Server role. The chapter discusses
Read More...
ASP.NET 2.0 Internet Security Reference Implementation - Have It Handy
JD Meier writes in his blog : The ASP.NET 2.0 Internet Security Reference Implementation is a sample application complete with code and guidance. Our purpose was to show patterns & practices security guidance in the context of an application scenario.
Read More...
Composite Application Block (CAB) Programming Essentials - Crucial For CAB Performance
Rich Newman posted awesome guides for Composite Application Block (CAB) programming: Table of Contents: Introduction to CAB/SCSF Part 1 Modules and Shells Part 2 WorkItems Part 3 Introduction to Dependency Injection Part 4 An Aside on Inversion of Control,
Read More...
Examining WCF Diagnostic Traces Using Service Trace Viewer Tool (SvcTraceViewer.exe)
Service Trace Viewer Tool (SvcTraceViewer.exe) tool comes with Microsoft® Windows® Software Development Kit for Windows Vista™ and .NET Framework 3.0 Runtime Components . It allows to view WCF diagnostics traces in very convenient way. " Using Service
Read More...
Authentication And Identity Flow When ASP Page Consumes ASP.NET Web Service
"Classic" ASP has application isolation that is different from ASP.NET. Here is one of the real world scenarios where it might matter. There is a legacy web application written in ASP and hosted on Win2K3 box (IIS 6.0). It is of course in the process
Read More...
Client Certificates Authentication - Dirty Trick To Disable CRL Check. For Demos Only!
My lab domain has MS CA installed in it so I am able to issue certificates to the left and to the right. Recently I spent some time to understand why client certificates authentication does not work. More precisely the certificates dialog box was offering
Read More...
Web Services Over SSL - Is It Really That Slow Like They Say?
My answer is "no" . I am working on solution where there is no Windows Active Directory Domain so we cannot utilize our beloved Kerberos and Windows Integrated Authentication saving big on configuration and management while taking advantage of increased
Read More...
Man-In-The-Middle-Attack: Protecting Http Traffic With SSL Might Be Not Enough - Consider Protecting SQL Traffic Too
Think configuring SSL for your web site is enough to protect against prying eyes? Here is how the sensitive data can be exposed by sniffing your SQL traffic. Consider common simple 3 tier web architecture for data driven web site. The Web and DB server
Read More...
WCF Security In Intranet Scenario : Thoughts On Cons and Pros
I am researching on best practices with WCF security in terms of "YOU SHOUD" vs "YOU CAN". While it is great to have "How to" stuff I am also interested in "Why" angle. I have common simple scenario of WinForms client consuming WCF service inside corp
Read More...
Ubuntu And Apache Web Server Join My Lab Network
I have my lab network, my playground Active Directory Domain( more on it here - How I Setup Lab Domain Using VPC 2007 ). I have customers who explore on interoperability between .Net applications and Java application that run on Windows/Linux. They seek
Read More...
T-Shooting Kerberos
I was delivering "Authentication Explained" session for Security User Group. First off - thanks for attending the session! The session was based on "Authentication Explained" workshop . During the session I was demoing the following topics: Identity Flow
Read More...
IIS 7 Configuration File - applicationHost.config - Password Management
From my learning of IIS7 I understand that IIS7's metabase is actually XML configuration file very familiar to me and similar to ASP.NET's web.config. It is called applicationHost.config and sits in C:\Windows\System32\inetsrv\config My first interest
Read More...
IIS 6.0 Was True Love, New Romance Is About To Begin - IIS 7
I just could not hold it back - it is midnight and I am watching Richard Turner's screencast - New Screencast: How to configure IIS7 for Windows CardSpace sites It was humiliatingly :) easy to set up test server cert, so I've done it, here is the prove:
Read More...
More Posts
Next page »
Search
This Blog
Home
Email
Twitter Updates
follow me on Twitter
Books I recommend
The 22 Immutable Laws of Branding
The 21 Irrefutable Laws of Leadership: Follow Them and People Will Follow You
The 4-Hour Workweek: Escape 9-5, Live Anywhere, and Join the New Rich
Raving Fans: A Revolutionary Approach To Customer Service
The Tipping Point: How Little Things Can Make a Big Difference
The Leadership Pill: The Missing Ingredient in Motivating People Today
The Handbook of Emotionally Intelligent Leadership: Inspiring Others to Achieve Results
The Power of Full Engagement: Managing Energy, Not Time, is the Key to High Performance and Personal Renewal
Overachievement: The New Model for Exceptional Performance
The Dream Manager
Swim with the Sharks Without Being Eaten Alive: Outsell, Outmanage, Outmotivate, and Outnegotiate Your Competition
Weinberg on Writing: The Fieldstone Method
Gemba Kaizen: A Commonsense, Low-Cost Approach to Management
The One Minute Manager
Kaizen: The Key To Japan’s Competitive Success
Secrets of Consulting: A Guide to Giving and Getting Advice Successfully
The Dip: A Little Book That Teaches You When to Quit (and When to Stick)
Tags
Agile
AJAX
Application Lifecycle Management
Architecture
Auditing and Logging
Authentication
Authorization
Azure
CardSpace
CAS
Code Inspection
Consulting
Deployment Inspection
Deployment Phase
Development Phase
End User
Exception Handling
Fuzzing
IIS 7
Implementation
Inception Phase
Information Gathering
Input Validation
Interop
MVC
Operations
Performance
Planning Phase
Practices
Reflection
Security
Sensitive Data
SharePoint
Test Phase
Threading
Threat Modeling
Tools
Video
Vista
VSTS
WCF
Archives
June 2009 (4)
May 2009 (4)
April 2009 (2)
March 2009 (7)
February 2009 (8)
December 2008 (2)
November 2008 (9)
October 2008 (6)
September 2008 (4)
August 2008 (1)
July 2008 (7)
June 2008 (5)
May 2008 (4)
April 2008 (4)
March 2008 (3)
February 2008 (3)
January 2008 (10)
December 2007 (6)
November 2007 (4)
October 2007 (11)
September 2007 (4)
August 2007 (6)
July 2007 (8)
June 2007 (3)
May 2007 (21)
April 2007 (25)
March 2007 (25)
. My Personal Blog .
Practice This
.Net Performance How To's
Improving .NET Application Performance and Scalability
Exceptional Performance
Performance Testing Guidance How-To's
Fiddler PowerToy - Part 2: HTTP Performance
Performance Testing with Fiddler
Bottleneck-Detection Counters
Troubleshooting Performance Problems in SQL Server 2005
Performance Frame - v2
12 Steps To Faster Web Pages With Visual Round Trip Analyzer
.Net Security How To's
patterns & practices Security How To's Index
ASP.NET 2.0 Security Questions and Answers
Tamper detection
Authentication Hub
VSTS Resources
Architecture and Design checklists
Securing Sites with IP Address Restrictions
WCF - XSD validation for WCF services
WCF - Message Inspectors
Using Credential Management in Windows XP and Windows Server 2003
WCF - Common Security Scenarios
WCF - Authorization
Validating XML Data with XmlReader
Input Validation - XML Data
Validation - Web Client Software Factory
patterns & practices WCF Security Application Scenarios
Microsoft Identity and Access Management Series
Design Patterns
data & object factory
Yahho Design Pattern Library
Sample .Net 3.0 app
Application Architecture for .NET: Designing Applications and Services
Litware HR - A Multitenant sample application
Microsoft .NET Pet Shop 4.0
Responsive Composite Web Client Reference Implementation
Table of Contents: Introduction to CAB/SCSF
ASP.NET Quickstarts
Microsoft Identity and Access Management Series
Software design patterns
Impactful
Super Size Me
Billy Eliot
The Legend of 1900
The Terminal
The Counterfeiters
Lifecycle Phases
5. Deployment Phase
3. Development Phase
4. Test Phase
1. Inception Phase
2. Planning Phase
Popular
My Favorite Shortcuts
My Pipeline Is My Inbox
Security .Net Code Inspection Using Outlook 2007
Security Code Inspection - Eternal Search For SQL Injection
.Net Assembly Spoof Attack
Code Inspection - First Look For What To Look For
How To Hack WCF - New Technology, Old Hacking Tricks
Generate Documents Out Of Mail Items Directly From Outlook 2007
ARCast With Ron Jacobs - Defending the Application
How to Use Outlook 2007 RSS To Effectively Aggregate And Distill Information
Tools
Fiddler2 Web Debugger - Freeware HTTP(S) debugging tool
Microsoft Network Monitor 3
FxCop Team Page
Microsoft Threat Analysis & Modeling
Windows Sysinternals tools
Log Parser 2.2
p&p Practices Checker - performance
Microsoft ® Windows Server ™ 2003 Performance Advisor
Ajax View
WCat 6.3 (x86)
Funnel Web Analyzer 5.0 for Windows
Syndication
RSS 2.0
Atom 1.0
