Tadlock Enterprises » tips & tricks

Ignore an Invalid SSL Cert in .NET

Craig Tadlock — Sat, 06 Mar 2010 01:08:13 +0000

One of our clients integrates with a financial services company which provides an API to access data. Obviously this needs to be secure. Their QA environment is secured via SSL but is exposed only by IP address. A .NET client will by default throw a security exception when you try to create a SSL connection by IP because the certificate has been issued to a name. This code will get you past that…

ServicePointManager.ServerCertificateValidationCallback += ((sender, certificate, chain, sslPolicyErrors) => true);

SMTP Diagnostics Tool for Windows

Craig Tadlock — Thu, 25 Feb 2010 08:18:21 +0000

Are you running a SMTP server on a Windows Server? Then you need to use the Microsoft Exchange Server SMTPDiag Tool. It will verify your SMTP, DNS and firewall settings to ensure everything is setup properly and you are able to send email.

Fix Loopback 401 Errors in Windows Server 2008

Craig Tadlock — Thu, 25 Feb 2010 08:13:16 +0000

If you use a loopback address (127.0.0.1) or hosts files on your Windows Server to reference a local IIS web application with Windows Authentication it will probably fail with a 401 error due to a new security constraint. This is often the case if you use a public url for your Sharepoint of TFS server. To resolve this you need to add a registry key…

Open regedit
Open the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Create a new DWORD under Lsa named DisableLoopbackCheck
Set its value to 1
Restart the server for good measure

Related Links

http://support.microsoft.com/kb/896861

http://ppalakollu.blogspot.com/2009/04/ie-8-ntlm-authentication-on-windows.html

Auto Generate a Code Column Value in SQL

Craig Tadlock — Sun, 07 Feb 2010 21:58:09 +0000

Often in database design a table has a secondary unique key which defines a random alpha-numeric value; lets call this Code. While the table’s primary key is used for foreign key references in the database, the Code column has several advantages and uses. Since it is not a sequential value it can be shown to the user without giving away possible valuable information; for example giving away your sales volume. It can also be used as a URL query parameter to discourage one-up-attacks (note this should not be a replacement for proper data security).

So now that we are sold on having a Code column, what is the best way to implement it? Here is a method you can use to implement a proper Code column and have the database generate the value for you. This is a similar design pattern to using an IDENTITY column to generate the next value for a primary key. We would like for the column to have a default value of a new Code value, such that the application tier doesn’t have to worry about setting the value. An issue with this in SQL Server is that column default values do not allow for ‘dynamic’ values; we can use a view to get around this. As for the Code generation algorithm I piggybacked on the NEWID() function which generates a new uniqueidentifier. There are countless other algorithms you could use for this.

Create a view to generate the new codes…

CREATE VIEW [dbo].[Codes]
AS
SELECT LOWER(SUBSTRING(REPLACE(NEWID(), ‘-’, ”), 0, 16)) AS Code;

Create a function which returns a new code…

CREATE FUNCTION [dbo].[NewCode]
( )
RETURNS NVARCHAR (50)
AS
BEGIN
RETURN (SELECT Code FROM Codes)
END

Now we can use the dbo.NewCode() function as the default value for our table’s Code column..

ALTER TABLE [dbo].[XXX] ADD CONSTRAINT [DF_XXX_Code] DEFAULT ([dbo].[NewCode]()) FOR [Code]

That’s it! Now if you insert a row into the table the Code column will have a new value in it by default. Simple.

UPDATE

Here is a much better algorithm to generate codes. The previous algorithm has a ‘hidden’ issue; the NEWID() function only generates the letters A-H, so you don’t get the security of the full 26 character alphabet. The algorithm below also lets you choose which characters you want. This allows you to prevent issues like 1 and I, and 0 and O confusion.

CREATE VIEW [dbo].[Codes]
AS
select
[Code] =
substring(ch, convert(int, RAND() * (LEN(ch) – 1)) + 1, 1) +
substring(ch, convert(int, RAND() * (LEN(ch) – 1)) + 1, 1) +
substring(ch, convert(int, RAND() * (LEN(ch) – 1)) + 1, 1) +
substring(ch, convert(int, RAND() * (LEN(ch) – 1)) + 1, 1) +
substring(ch, convert(int, RAND() * (LEN(ch) – 1)) + 1, 1) +
substring(ch, convert(int, RAND() * (LEN(ch) – 1)) + 1, 1) +
substring(ch, convert(int, RAND() * (LEN(ch) – 1)) + 1, 1) +
substring(ch, convert(int, RAND() * (LEN(ch) – 1)) + 1, 1)
from
(select ch = ‘ABCDEFGHJKLMNPQURSUVWXYZ23456789′) a

Generate Lorem Ipsum Text in MS Word

Craig Tadlock — Sat, 06 Feb 2010 04:47:45 +0000

Here’s a quick tip: To generate “Lorem ipsum” text in Microsoft Word type “=lorem(x, y)”; where x is the number of paragraphs and y is the number is sentences. I regularly use this for fake text when developing websites.

Visio 2010?

Craig Tadlock — Tue, 17 Nov 2009 05:57:54 +0000

The beta for Visio 2010 is up on MSDN. I didn’t even know there was a new version coming out. Given the number of “pretty pictures” I make, this is quite an exciting time.

More info on Visio 2010 at…

http://visiotoolbox.com/2010/

I’ll post my feedback once I’ve taken it for a spin.

Extended Version of Notepad2

Craig Tadlock — Mon, 16 Nov 2009 08:42:03 +0000

If you are still using plain-old notepad.exe then I highly suggest you check out Notepad2. It is a much improved version of notepad but without all the bloat and madness of Word. If you’re using Notepad2 already then you might want to check out the extended version. It adds some additional features such as code collapsing and the installer does the Windows work to replace notepad.exe with notepad2.exe.

http://code.kliu.org/misc/notepad2/

Encrypt / Decrypt Context Menu in Windows 7

Craig Tadlock — Mon, 16 Nov 2009 08:34:57 +0000

This one is pretty self explanatory… I’m not sure why Microsoft didn’t enable this by default.

http://www.howtogeek.com/howto/windows-vista/add-encrypt-decrypt-options-to-windows-vista-right-click-menu/

MAKE SURE TO BACKUP YOUR ENCRYPTION KEY TO AN OFF-SITE LOCATION

If you move an encrypted file to another machine (like in the case of a OS rebuild) you MUST have the encryption key to restore the files. If you don’t have it; you’re out of luck.

http://www.howtogeek.com/howto/windows-vista/back-up-your-file-encryption-key-in-windows-vista/