Friday, July 4, 2014

[SOLVED] Comodo v7 blocking HTTP/S and FTP/S on Windows 8.1 IIS 8.5

Besides opening incoming HTTP ports in the firewall via "Global Rules", the annoying thing for me to find was also adding an "Application Rule" for "Windows Operating System" on those same ports.

Comodo v7.0.317799.4142

And this guy explains what's necessary for FTP very nicely...

  • in comodo > global settings > application rule - add 20,21 & 5000-6000 as allowed incoming TCP ports on "Windows Operating System"... you will also hopefully get prompted to allow svchost which is responsible for running the ftpsvc
  • on internet router - forward ports 20,21 and 5000-6000
  • in IIS FTP settings
    • require SSL
    • firewall support - put external wan address in 
    • firewall support at *SERVER* level (not site) - set ports 5000-6000
    • point ftp site a folder
    • create login for ftp and make sure it has access to folder
  • filezilla settings
    • require explicit ftp over tls

Wednesday, June 11, 2014

List all your Azure RDP's

Get-AzureVM | #this first one gets the entire list of VMs in subscription
    Get-AzureVM | # this one gets the detailed object for each specific VM
        $port = ($_ | Get-AzureEndpoint | ? {$ -like "Remote*"})[0].Port;
        $null = $_.DNSName -match 'http://(.*?)/'
        write-host "$($_.Name) - $($matches[1]):$($port)"

Saturday, February 8, 2014

SQL Server Aliasing

  • Done via "SQL Server Configuration Manager" > "SQL Native Client vXY.Z Configuration" > Aliases
  • tip: SSMS.exe is a 32bit app (because Visual Studio, upon which it is based, still has a well established justification for 32bit) and therefore it depends on the (32bit) Client Configuration node above to find your server alias
  • For mainstream sql server network client API based connections there is no need to put this alias anywhere else (i.e. not in DNS/hosts file nor AD computers)
  • tip: in AD trusted login context, it seems mandatory to use the name of the actual SQL Server host machine vs just the corresponding ip address; otherwise i would always get bonked with "Login failed. The login is from an untrusted domain and cannot be used with Windows authentication."

Monday, January 20, 2014

[SOLVED] Win8.1 Upgrade - No "Keep Windows settings, personal files, and apps" option

I was met with only two options from the Windows 8.1 upgrade, "Keep Personal Files Only" or "Nothing". Not much of an "upgrade", I went poking around.

For me it turned out that I had been fiddling with localized development a while back and had an old en-GB language pack still installed. There are various references that the Win8.1 upgrade criteria prohibits "cross language" installs.

Apparently a language pack can't be removed from a running Windows instance, it must be "offline". One way is from the CMD.exe of a Windows DVD/USB install boot disc. Tip: Shift-F10.

After :)
To find which language packs are installed ("Language" is case sensitive):
dism /image:c:\ /get-packages | find "Language"

Which output something long like this:
Package Identity : Microsoft-Windows-Client-LanguagePack-Package~31bf3856ad364e35~amd64~en-GB~6.2.9200.16384

To remove the package:
dism /image:c:\ /remove-package /packagename:{long_name_from_above_output}

That ran for a few minutes to completion and when I booted back into my main instance and retried the upgrade, I was met with the new desired option to preserve my applications as well - yay :)

Monday, December 23, 2013

KeePass + Cloud Storage = (near) Password Nirvana

KeePass2 - Password management application
  • 10 years mature
  • Free
  • Windows, Linux, Mac, Android and iOS versions
  • DropBox compatible (Google Drive, etc)
  • Autofill browser plugins
  • Rich text area for notes (e.g. challenge phrases and other reminders)
  • Open source (.Net)

  • Mac (and Linux) can run the Windows.exe via Mono
    • Initially ran native KyPass Companion on the Mac side (~$8). Have since switched back to the free mainstream build (see below)
  • On Android phone using Keepass2Android (free) with solid results
    • Provides special keyboard which facilitates autofill
    • DropBox and other cloud drives well supported (synchronize)
    • Handy yet still secure Quick Unlock feature
    • Consider a good android lock screen as additional layer of protection

I’m glad I finally took the time.  I (forced ;) my wife to run the Windows version on her desktop and we share the same database file with our financial, healthcare, etc logins. So either of us can get into whatever we need wherever we are. It gives me peace of mind that she would have ready access to those important things in case I was somehow unavailable (knock wood). If you're putting up with some other convoluted hodge podge as I was, please give this general idea a shot by wading in slowly and see if it makes your life easier as it has for me.

 2013-01-01: My main password file was corrupted

and I couldn't log in.
  • Turns out I had a wonky entry that kept growing upon subsequent saves. Maybe compression algorithm was backfiring or something like that.
  • The offending entry was under KeePassHttp which just stores the authorized connection for each particular browser, so it was a no brainer to kill and recreate.
  • My kdbx file had grown to 28MB! after deleting it was back down to a measly 16k.
  • KyPass Companion was doing the most recent suspect saves causing massive growth so I can't help but wonder.

DropBox really shines
  • Thanks to DropBox's inherent versioning I could readily fallback to a working copy
  • Dropbox also showed the disturbing progression in larger file sizes over short amount of time
  • as well as which client that was driving those suspect saves - KyPass on my Mac
  • really gotta hand it to that product team, top notch stuff
KyPass's questionable involvement gave me a reason to give the mainline KeePass2 another look...

    Banging KeePass2 for OS X into shape
    • Updated from current v2.23 build to the latest official v2.24 build by dropping the latest KeePass.exe from the Windows zip bundle into the Contents/MacOS folder. This is promising; hopefully to never suffer the envy of a more recent build.
    • Contents/MacOS is also where plugins like KeePassHttp.plgx should be dropped.
    • KeePassHttp is working just fine for me running under this mono version.
    • Make sure to disable "Show a notification when credentials are requested" under Tools > KeePassHttp Options. Otherwise both KeePass and browser would freeze upon every login page request.
     Nice to have's in KeePass not currently available in KyPass Companion:
    • Automatic save-on-change (via triggers facility)
    • Autoload of the MRU kdbx file upon launch
    • Synchronization

    [SOLVED] Error: "The following plugin is incompatible with the current KeePass version"
    • Running on Mac via mono, turns out lldb is somehow the process forked by mono which hosts the KeePassHttp listener on port 19455
    • In my situation this pesky error was apparently caused by a crashed orphan lldb holding onto the port and blocking subsequent launches of KeePassHttp
    • Simply "KILLALL lldb" from terminal to resolve
    Debug notes:
    • mono>debug.txt -v /Applications/KeePass{version}/Contents/MacOS/keepass.exe
    • Noticed SocketException well into the KeePassHttp plugin's constructors call stack and started to realize the error message was misleading
    • Xamarin Studio will debug the running instance:
      • First, enable debugger break on SocketException: Run > Exceptions > enter SocketException in the search
      • Run > Debug Application > browse to keepass.exe
    • Xamarin Studio will also reverse gen back to C# source (not that we need it in this case but it's good to know for future) - just create a new project and add the assembly (DLL or EXE) as a reference and click into it to see the readable source conversion of all classes.

    Wednesday, November 6, 2013

    JS Stack circa 2013Q4

    A few technologies that have crystalized in the last couple years really help bring javascript development up to parity with how robust things were under Silverlight & C#/.Net framework.

    • nuget - the tight integration that nuget brings to our whole universe is huge... at first nuget was new and like, neat that's "handy"... but at this point it would be total madness w/o it... searchable repository where all these new libraries are easily managed ... easy to check versions and update to the latest... bringing all these scripting dependencies into a project as formal "references" (just like .Net assemblies) really helps keep you out of javascript hell
    • requires.js - a fairly automatic "include"/dependency management system for all the interdependent JS libs that have to get pulled into the client at runtime... it used to just be jQuery but the JS lib stack has exploded out into literally dozens of includes that all piggyback eachother and w/o a management wrapper around that we'd have to get the <script> file references in the correct order on every browser page... another big potential for madness avoided
    • bundling & minification - the latest VS2012 MVC project templates come bundled with support for taking all these raw scripts and bundling them into one big file, this means the web client is only making one optimal request for it's "framework" rather than 20 async requests for each individual script library before it can start rendering the dang page page ... that big file is also "minified", meaning all the white space is removed so it's as small of a network download as possible... both of those together are pretty huge in the new scheme of things
    • "LESS" - basically CSS syntax revamped to support variables and generally less repetitive syntax ... it's a huge deal when you want to set some basic highlight colors & metrics and have everything else reference those as variables so that it's easy to change your look and feel by tweaking the core variables used in all the other element styles... it's easy to configure your MVC project to automatically compile LESS into native CSS for the browser to consume what it understands... there are other CSS wrapper syntaxes out there... SASS is another one
    • make sure you get the VS 2012 Web Essentials add on - it does all kinds of handy little nice to haves like automatically showing you you a little image popup when you hover over a reference (in CSS as well)... shows html color tags with a little color block popup... etc. etc.
    • Resharper - resharper is one of those cool kitchen sync productivity boosters that really makes me feel like i'm driving on jet fuel in visual studio... the automatic syntax cleaning it does... robust javascript parsing / intellisense / reference navigation and on and on

    Friday, October 4, 2013

    HttpWebResponse from WebException

    using (var response = (HttpWebResponse)((Func<WebResponse>)(() =>
      try { return(request.GetResponse());}
      catch (WebException ex) { return(ex.Response); }
    }))()) //<-- too funny
    using (var responseStream = response.GetResponseStream())
    // ReSharper disable once AssignNullToNotNullAttribute
    using (var readStream = new StreamReader(responseStream, Encoding.UTF8))
      return String.Format("{0} {1}. {2}", (int)response.StatusCode, response.StatusCode, readStream.ReadToEnd());