Hexadecimal URLs

Hexadecimal URLs

Some strange phishing emails were there in my Rediff Webmail. Should I just delete it? No. I just thought I would do some sort of recycling and find if something useful was there.

And the email was faithful to give the following details. Of course, some of the links I had to ensure that should not be clicked by copy pasted to a Google Toolbar to get the actual victimized website which has been phished.

1. The site URL was Barclays Bank, based in UK. It seems to be a really an impressive and premiere banking website based in UK. There are useful tips and tricks besides interactive tools like Mortgage Calculator, Map and Area locator etc.
2. Obscured URLs. The URL was really strange it was like http://0xC18003C6.  For security reasons, I am not giving the phished URL rather tiving the URL of the bank itself in hexa decimal format.
3. A search in Google revealed a lot of things. Actually, hexadecimal URLs are supported by the web browser for security reasons since some confidential transactions can be safely sent using encoded and encrypted URLs. However, phishers seem to use this maliciously like this.
4. Technical Knowhow:
1. We can study the anatomy of the URL like this: http://0xC18003C6
2. http:// stands for the standard HTTP protocol.
3. 0x prefix indicates that the string literal, if convertible, is a valid hexadecimal number.
4. Every two digit then on would the IP address part. In this case, C1 80 03 C6 would resolve to 193 128 3 198. In the decimal notation, we need to use dot between the individual entities.
5. You can simple use the Windows Calculator in View -> Scientific mode to get conversions from Decimal to Hexadecimal and vice-versa.

Elegant Data Access Strategies in .NET

Elegant Data Access Strategies in .NET

Thanks to ADO.NET, database access and management has never been easy and a breeze. We have high speed managed providers without much of resource consumption. All resource management are being managed by CLR.

The default support of database access in .NET is like

1. SQLServer
2. Oracle
3. Generic OLEDB
4. Generic ODBC

But it would be a better strategy for us to have a Data Access Layer, which is shortly known as DAL in programming world, which would have the complete onus in talking to the database and returning the results, instead of having each of our modules talk to the database.  This way, in future,if wanted to make some performance improvements to the database access, the changes are restricted to one particular area instead of having this spill out through out the application.

Perhaps, I would like to recommend to the readers, the following URLs which we researched upon in Database Access Layers. We also have our own GDN (GotDotNet) Workspace. If you are interested to contribute some effort, please do drop in.

1. Full Database Abstraction Layer Generator by Jonathan De Halleux
2. DotNetEmpire -- GotDotNET (GDN) Community Workspace by Vasudevan Deepak Kumar

Managing ConnectionStrings (Securely)

Managing ConnectionStrings (Securely)

Database driven webapplications and windows applications normally store the connection related info (which is often called as ConnectionStrings), into some standard INI or registry entries. .NET applications have an edge since they have a predefined configuration file like web.config or app.config for web or windows application respectively.

But the following daunting questions appear to the user:

1. How to build a connectionstring easily?
2. How to securely store the connectionstring since it has username, password and other sensitive info?

Here is a humble attempt to answer the queries to the user.

How to build a connectionstring easily

1. If you know the provider or driver you are going to use, you can hand-prepare the connectionstring based on the manual and/or documentation or samples in hand.
2. Check out http://www.connectionstrings.com/. For any connectionstrings, this, I guess would be a very useful resource for developers worldwide.
3. You can easily build a simple connectionstring editor using a simple editor like using a tool like DanMeyar has given.

How to secure the connectionstrings

1. Securing a connectionstring is a debated question. Perhaps my other article in CodeProject also attempts to explain this. Check it out here.
2. Trusted Connections You can enable Trusted Connection for the account running your webapplication to the database of the application. Like ASPNET account in SQLServer for your database. Or you can use impersonation. Even Oracle now supports OS Integrated Authentication. This way, you can avoid storing passwords n web.config
3. ASPNET_SetReg.exe: You can use this Microsoft provided tool to encrypt and store credentials in the registry. Check out more details from Microsoft Support Article 329290.

I hope these would be very useful for developers of web applications and windows applications.

Website Precompiler for ASP.NET

Website Precompiler for ASP.NET

The most elegant feature of ASP.NET is the JIT compilation and caching of the pages once served, so that the second time, the users would get the most fastest response. However, the very first user to request the page has to wait a while, as the pages are JITted.

ASP.NET 2.0 has a compile website option, I guess. However, for websites running on .NET framework 1.1 this is still an issue. I have been looking out for some solutions and I came across the following article, which I think would be helpful to other users too and would like to share the same.

1. Precompile ASP.NET Pages by Narendra
2. Alberto's Precompiler for ASP.NET

I hope these would be very useful for ASP.NET development fraternity worldwide.

Guestbooks for the Website

Guestbooks for the Website

Websites which offer a dynamic interaction from the people have always been successful with more number of returning visitors. A very static webpage always invites only a few visitors who need the information for that point of time.

So what are the ways in which a webuser can register his opinion with the website? The sky is the limit for the channels that can be opened up for the same.

Traditionally, guestbooks have been the most preferred choice for webmasters, be it big websites or little personal hobby pages.

There is nothing in the world that claims a hundred percent perfection. There always remains a scope for further improvement and development. A good guestbook for a website can invite comments on a particular thought expressed in the website, get attention on a failing component of a website or a suggestion towards a better enhancement of the same.

Is it too difficult to configure a guestbook for a website. Not at all. Creating, Configuring and Maintaining a guestbook had and would never be a pain but rather a pleasure. When your kid gets comments from his teacher on getting first rank in his class subjects in the examinations, you would be happy right. It is quite similar to that, when your visitors leave suggestions for your website.

To start with, you can check out a lot of open source implementation of guestbooks, which you can download, configure and use them on your website. However, if you are afraid of technical configuration, there are a lot of remotely hosted guestbook solutions too.

We would like to summarize a few of them for your convenience.

Source Guestbooks

1. Guestbook Application from WebWizGuide
2. ASP Guestbook from Uwe Keim

Third-Party Solutions

1. Flash GuestBook from PepFx Design

RemotelyHosted Solutions

1. Bravenet Guestbook
2. SmartGuestbook

Tutorial of creating a Guestbook (in ASP)

1. Guestbook Tutorial from Joshua Bengal.

Tips on Maintaining Guestbooks

1. Check out administrative control panel of the guestbook once in a while to ensure that no unrelated or junk messages are posted to guestbooks.
2. To prevent spammers and spam robots from posting junk comments to your guestbooks, you can make use of CAPTCHA trick. Integrating a CAPTCHA trick is very easy in any of the solution. For more information on CAPTCHA, check out this post.
3. It would also be better to have a Private Message checkbox so that some users can send a message to you and then later you can edit and with the consent of the user make it appear in the Guestbook. The concept of Private Messages is in fact a debated issue. Some consider that these are like Contact Forms but their significance is always come to stay.

Web-based MineSweeper

Web-based MineSweeper

If you have observed Windows has a couple of nice elegant cames like Cards, MineSweeper etc in its default installation. These make Windows very interactive and lovely to work and even during a casual snacks or lunch hour or a weekend, we can keep playing in the laptop.

Just imagine, how cool it would be to play the game over the web browser too.

I came across this website called DestroyDrop, which offers this web-based MineSweeper in JavaScript. Check it out:

http://www.destroydrop.com/javascripts/mine/

ScreenRuler -- Measuring Screen Widths Effectively

ScreenRuler -- Measuring Screen Widths Effectively

Homepages and blogs are so common. Have you wondered and longed for a simple tool that can help you measure the screen widths quickly and effectively. I was having a similar requirement and a search revealed a simple freeware called ScreenRuler, which is downloadable from Spadix Software.

Now you can rule the screen with the ScreenRuler!

Free Indian Language Word Processing Application

Free Indian Language Word Processing Application

It is now history to have webpages in Indian Languages that need costly Java Applets, untrusted ActiveX Controls, heavy flash movies and slow images.  Perhaps if you check out Google Tamil or Google Hindi, the most elegant way could be to make use of Unicode UTF-8 standard to acheive this.

Towards this, I needed a software that could make up Hindi/Tamil versions of webpages for a friend of mine and came across this freeware editor called Baraha. Baraha in Kannada means writing.

It has a lot of features and supports a lot of Indian languages and export capability to Unicode. If you still need TTF type, Baraha has its own font for each of the Indian language to support that too.

Check out Baraha and/or Baraha SDK from http://www.baraha.com/index.htm

Free Online Network Utilities

Free Online Network Utilities

To diagnose and troubleshoot a network problem particularly in a production webserver is always a time-taking and strenous exercise. Particularly, if you do not have enough and a complete suite of tools that  you require to complete the process.

I came across this nice website which aids in giving a complete set of network utilities in Online for free. Check it out at CentralOps.net.

It does provide the following set of services:

1. Domain Tools
1. Domain Dossier -> Investigate details about a particular domain.
2. Domain Check -> Query availability of a particular domain.
2. Email Dossier
       Checks whether the email address actually exists or not.
3. Browser Mirror
        Investigates the information sent by the web browser.
4. Ping
        An Online ICMP Tool to ping the host.
5. Traceroute
         Traces the path a packet travels to the webserver.
6. NsLookup
         Lookup Utility for various DNS records for a particular domain.
7. AutoWhois
          A Whois Utility to query multiple domains across the world.
8. TcpQuery
          Analyse a particular webpage.
9. AnalysePath
           Visual Traceroute.

MyLittleAdmin -- Administering SQLServers on the Web

MyLittleAdmin -- Administering SQLServers on the Web

Administering a SQLServer typically after the website has been transferred to the production site is always night marish and particularly connecting through a desktop enterprise manager, and typically when you do not have the luxury of fast broadband.

I came across this little tool called MyLittleAdmin, whose lite edition seems to address this issue, satisfying the needs and requirements of many people.

Check it out at MyLittleAdmin homepage.

Online Virus/Trojan Scans

Online Virus/Trojan Scans

As you surf the vast diversified Internet, install and deinstall a wide variety of programs and applications, you also run risk of accepting viruses and trojans. Viruses are harmful to your system. Trojans play havoc on confidential data and send them back to some remote site to the Trojan writer.

Fortunately, there are two quick and easy Virus Scanners that you can make use of, to scan your system and clean it from Viruses and Trojans. This is for quick and easy check. It is any recommended to have a fullfledged and updated RealTime Antivirus software in your system running for constant protection against threats from the open Internet.

Here are the free online scanners:

1. Free Antivirus Check from Trend Micro website.
2. Free Trojan check from Windows Security website.

You need to be logged on as administrator since these websites require a small ActiveX Control to be downloaded and installed for the scanning to take place.

Web.Config Editors

Web.Config Editors

The most elegant feature of .NET application compared to classic ASP is that most of the things are now configurable in simple and standard XML Configuration files. The most significant among them is web.config files for a particular application and machine.config for a typical .NET Framework installation for the entire system.

Don't worry. I am not going to bore you into the internals of Web.config. For more information on the same, check out this MSDN link.

Here we would see, some of the free editors and or third party solutions that make editing and managing a web.config simple for system administrators and other personnel who maintain the website but not too tech-savvy to know the internals of the same.

Third Party Solutions

1. Hunterstone Web.Config Editor. I had seen that HunterStone WCE was giving promotional offers for free download sometime back but I think that offer is not available now. But it is a very simple tool to manage the web.config files.

Source Solutions

1. AppSettings Manager by Nigel Shaw

Tutorial cum Editor on XmlFiles.com

1. ASPxConfig Editor by Adam S CartWright

Windows Media Player Rudimentary PlayList

Windows Media Player Rudimentary PlayList

Normally, when I used to listen to Ayyappa Bhajan songs, basically MMS URLs I had to copy one by one into Windows Media Player to listen. I was thinking whether I can create a simple playlist that Windows Media Player can automatically recognize the sequence and play one after another.

There are Windows Media Player playlist XML files that you can create for them. But I found one more simple solution from a web discussion forum over here.

It is directly simple. Create a simple text file default.m3u and enlist the supported file type URLs and Windows Media Player would play for you.

A sample would be like this, as mentioned in the discussion forum (default.m3u)

http://www.yourserver.com/1.mp3
http://www.yourserver.com/2.mp3
http://www.yourserver.com/3.mp3 

Mobile VOIP -- Emerging Voice over Technology

Mobile VOIP -- Emerging Voice over Technology

With soaring high costs of long distance calls over circuit switched PSTN Networks, the industry and the world turned over to the following cheaper alternatives:

1. Computer to Computer
2. Voice over IP technology

Now, the industry also seems to be aggressive in research and development activity on extending Voice Over technology to handheld devices, as this Indiatimes article describes.

Linguistic Accessibility of Websites

Linguistic Accessibility of Websites

The power and prowess of websites is better known by the quantity of content, its reach, the impressions it had made on its' visitors mind, to name a few parameters.

With respect to the reach, the website can best reach by providing translation services to reach the audience in thier native language for best appeal.

Linguistic Translation does not need extensive groundwork to start with however, a minimal startup requires only associating the website with a few translation webservices and websites. I would like to share with the readers a few translation websites that aide in this perspective:

• Google Translate -> http://www.google.com/translate_t
• Free Translation -> http://www.freetranslation.com/
• Altavista Babelfish -> http://babelfish.altavista.com/

Quick and Easy Network Tools

Quick and Easy Network Tools

Managing and maintaining a significantly sized network does always carries with it significant responsibilities and that too in this world of Internet, which is filled with viruses, trojan horses and all sort of hackers. The responsibility and head-aches still increase when it comes to the point of production servers.

Fortunately, just like free email services, a lot of enterprises and open source developers have come together to remotely host services that aide in network management.

I would like to share some significant of them, which will be of real use.

• Reverse DNS Look: Check out this website hosted by 12Dt.com/ which offers efficient reverse DNS resolution of a given IP address. Free services are restricted to 100 requests per IP address and subject to cookie support in the web browser.
• Protected Whois Check: Whois databases too have been victims of spammers getting the email addresses by automated tools. Check out this protected whois database from Godaddy.

QBasic and Related Downloads

QBasic and Related Downloads

Following up my previous post, a few friends of mine were asking how to get QBasic and related help. As such and as far as I know, I don't think the current versions of Windows (Windows XP or Windows 2003) has Qbasic.exe shipping along with it.

A search in Google revealed the following MSDOS Utilities. Perhaps, I would like to share it among the readers. But the following things need to be clarified and I have posted in some community newsgroup. Once I get the response,  I would try updating them over here:

• Compatibility of these programs with the current Win32 model.
• Future compatibility of these programs as Win64 gains sway.
• License restrictions.

Perhaps if some reader of this blogpost has some answers, feel free to share with others as blog comments.

Power of QBasic

Power of QBasic

QBasic, the MSDOS version of QuickBasic and successor to BASICA, Turbo Basic and GWBasic. There are some cool features in this language, that I think even the current ones do not directly and so easily support.

For example, there are three simple commands like Play, Sound and Beep. While Beep is supported by an escape sequence and the ASCII character code, sound and Play do not find direct equivalents in Visual Basic or even in C#.

I am trying to understand this and perhaps if you visit Experts-Exchange and particularly this page, you would find an interesting discussion on this topic.

'This webpage could not be saved'

'This webpage  could not be saved'

How many times you have confronted this message when attempting to use File -> Save WebPage complete. I think in these cases, which also takes up more diskfiles and a folder is being created, you can use Web Archive (.MHT) file name extension.

Check out this article for the problem description and resolution: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q235589

CTRL+Enter in Internet Explorer

CTRL+Enter in Internet Explorer

CTRL+Enter is really a very useful feature in Internet Explorer.  We type google and CTRL+Enter automatically prefixes the TLD suffix and www and navigates to the URL. Myself and my friend faced a piquant situation yesterday. It was not working.

After a brief tweaks and fiddling with IE Options, we observed that this is dependent on Tools -> Internet Options -> Content -> Autocomplete checkbox to be enabled. Only then it works.

Also, it would be interesting to go a bit deep into the technical background of CTRL+Enter too and perhaps this technical background also helps us to customize it.  Check out Jeff's WebLog for details.