Archive for the ‘IIS’ Category

XSS (Cross Site Scripting) Cheatsheat

Thursday, March 24th, 2005

XSS (Cross Site Scripting) Cheatsheet: Esp: for filter evasion - by RSnake

This is going to come in handy during my pen test of our web site.

Posted in Security, Development, Systems Administration, IIS, Apache | Comments Off

IIS 6 Peformance Paper

Thursday, March 24th, 2005

IIS 6 Peformance Paper - Worth the read

By Brett ‘brett’ Hill on IISFAQ Front Page

Papers from Microsoft are often hit and miss. Some are stellar and some are overbroad overviews filled with marketing jargon. This one, however, is well worth the read. He’s an excerpt from Web and Application Server Infrastructure - Performance and Scalability

COM General

With the new IIS 6.0 architecture, it is important to question some of the existing guidelines where COM is concerned. A major consideration is that, before Windows Server 2003, COM application components were configured (by default) to run out-of-processes from the caller. The default for COM applications is for them to run as Server Applications, executing in a DLLHost.exe process called into from the object instantiate, or over DCOM.

The performance downside of doing this for every method call, is that there are extra threads running on the system, and every call to a method must be marshaled across process boundaries. This is not noticeable on a small implementation with low request/transaction rates, but on a high volume, large multiprocessor, this kind of overhead can greatly decrease the overall scalability of the system.

Therefore, on Windows Server 2003, it is best to change the default configuration for a COM Server Application to Library Application to aid scalability of the calling per use of that application

Posted in .net, Development, SQL, Systems Administration, IIS | Comments Off

Automating build and deployment process to web servers

Tuesday, January 18th, 2005

I have found the following useful items for my project at work to automate our deployment process.

  • Deployment/Building of Web Applications - TSS.net
  • Nant FAQ
  • NantContrib
  • Continuous Database Integration
  • Using NAnt Build and Deploy .Net Applications
  • Managing Sourcecode with Nant
  • Managing .NET Development with NAnt
  • Continuous Integration
  • Red Gate releases SQL Packager, a SQL Server deployment tool
  • Mike Lorengo’s Weblog - Refrigerators, Unit Testing & NAnt

    • Posted in .net, Windows, Development, SQL, Systems Administration, IIS | No Comments »

    SF.net: Project Info - Enterprise Monitoring, Windows Systems

    Friday, January 7th, 2005

    SourceForge.net: Project Info - Enterprise Monitoring, Windows Systems
    Centrally monitor eventlogs, no agents needed; Send alerts to different people on different events; Integrated with ticket tracking system; Forward events to syslogd; Archive events into MYSQL/MSSQL; Web interface to search for events;

    Posted in Security, Windows, MySQL, Systems Administration, Open Source, IIS, Apache | No Comments »

    Ahhh the wonderful things you can do with RRDtool

    Wednesday, October 22nd, 2003

    The one and the only RRDtool

    • Cacti is one of the prettier network monitoring and graphing tools - plus it runs on MS
    • Oh here is a gallery of RRDTool uses.  This is an intresting one that tracks tickets in RequestTracker.
    • Here is an advanced implementation at Library consortium
    • I know Jason hopes that one day we will monitor our servers this well
    • Last but not least here are some frontends for RRDtool

    Posted in hardware, MySQL, Systems Administration, Open Source, IIS, Apache, Software | No Comments »