Saturday, March 28, 2009

Resolution: The Underlying Connection Was Closed

You usually got this exception when trying to use System.Net.HttpWebRequest class in .NET 1.1 for creating internal URL calls from your ASP.NET code. The exception is also reproducible when trying to invoke webservices using the proxy class.

By default, there is two concurrent connections in every ASP.NET application. As ASP.NET is a service it may require more than two concurrent connections to handle the requests. When you try to request URL from your ASP.NET code, ASP.NET may not be able to handle it. The solution is to increase the number of the concurrent connections which ASP.NET can handle. You can do so by modifying the "connectionManagement" element in the configuration file. For more information about the problem and its resolution, check this post.

Monday, March 23, 2009

yEd Graph Editor Replacement For Visio

yEd by yWorks is a very nice graphical editor which can be considered a very perfect replacement for Visio. The tool is very simple and provide most of the functionalities of Microsoft Visio. It doesn't provide a very large collection of graph types like in Visio but at least it provides the most used and popular ones. You can create UML diagrams, flowcharts, block diagrams, networks and more. You can have glassy figures, rounded corners, curves, edges and shadows. Although, it's a Java tool, I didn't find it slow or heavy in loading. It's a very powerful graph editor tool and it really worth a try: Download yEd Graph Editior

Friday, March 20, 2009

MIX09 Sessions Videos

MIX09 is a Web Design and Development Conference which is considered one of the most popular events for web professionals. The conference this year has already been launched in the last March 18th and will end in March 20th. To catchup with the event, you can watch the sessions through this link: MIX09 Sessions

[Update] 29th March, 2009
MIX stuff collected all their videos in one page: Click Here

[Update] 21st March, 2009
Guy Burstein collected all the sessions in his blog post and made available for download. So that you can watch MIX09 videos offline: Download MIX09 Sessions and Watch Offline

Software Security

In the world of Facebook, E-Commerce and Email; modern threats have emerged exploiting application level vulnerabilities more than ever, A simple bug in a web or desktop application could lead to hundreds thousands dollars loss and sensitive information disclosure. Hence the need for security measures on the application level.

The CuttingEdge Club will organize a two hours session to discover the modern applications threats together with the mitigation techniques, discussing the different activities that should be done throughout the different phase of the software development life cycle to end with a more secure software.

The session will be in Wednesday 25th March, 2009 - 5:30 PM, ITWorx - Free Zone. The speaker is Ahmed Saafan, Information Security Engineer, Raya Security Services.

CuttingEdgeClub is an ITWorx technical seminar club for technology enthusiasts. Its mission is to provide an easy gateway to pertinent and updated technology information for a growing audience in a simple, pragmatic and accessible way.

Wednesday, March 18, 2009

Blocking IP Addresses Using MMC

I was searching for a solution to block any communication with specific IP addresses. I have come to this solution using MMC (Microsoft Management Console). The following steps will allow you to block any communication - whatever the protocol is - with specific IP addresses or subnet:

1. Open Start Manu > Run > Write "MMC". Then press Enter.
2. In the Management Console > File > Add/Remove Snap-in...
3. In the opened dialog, leave "Local Computer" as it's and click "Finish".

4. You will have a new node in the left tree called: "IP Secuirty Policies in Local Computer".
5. Right click on this node and select "Create IP Security Policy".
6. In the opened dialog, write "Block IP".
7. Click Next till the end of the wizard and then "Finish".
8. You will have an item in the left pane called: "Block IP". Right click on it and select "Properties".

9. In the opened dialog, click "Add".
10. Go through the wizard, till you reach a step called: "IP Filter List".
11. Click "Add". IP Filter Dialog will open.

12. Modify the name of your IP Filter and click "Add" to add an IP filter policy.
13. Click "Next. Leave "Source Address" as "My IP Address".
14. In the destination address, you can select "A specific IP Address". You can also filter by DNS or subnet. Enter the IP address to block. Then click Next.

15. Leave the protocol to be "Any" and click "Next".
16. Then click "Finish".
17. Apply all changes, and close all the opened windows. You may have to add "Block" action if it doesn't exist.
18. After you finish, don't forget to write click on "Block IP" policy and select "Assign".

Now try to ping the blocked IP addresses. You should get "Destination Unreachable" message.

Tuesday, March 17, 2009

Maintenance Plans in SQL Server

Creating backups for your database is an essential task in every environment especially for critical data storage. But have you ever ask yourself how to create your backups in a periodic manner - say every week or so? If you was able to do so, how will you manage the space in your disk? Maybe you don't want to keep any backup files older than one month.

The first solution you may think about is to create a SQL script and execute it in a custom job. But wait, SQL Server can do it for you and save alot of this implementation hassle. In the SQL Server, you have the option to create "Maintenance Plan" for your database. This plan provides you with more advanced options for creating backups for the data and the transactions logs.

When you create a new plan, you will have to go through a configuration wizard. The interesting part is in the backup configurations. You can provide how often you want to backup your database (i.e every week, month or so). You also specify how long you want to keep the backup files and when to remove it (i.e You may remove any backups older than one month) so that you save your storage space. Another interesting point, you can create only one plan for more than one database. The plan can be configured also to create a separate backup folder for each database.

The maintenance plan is a periodic task which needs a running job. This is why it requires a running SQL Server Agent in your database server.

Monday, March 09, 2009

Stories From A Gaming Startup

CuttingEdgeClub organize a seminar in ITWorx to elaborate a story about how gaming startup can emerge. The seminar is scheduled to be on Wednesday, 11th March, 2009 at 5:30 PM in ITWorx - Free Zone. The session will be provided by Mostafa Ashour - Managing Partner, Khayal Interactive Entertainment.

CuttingEdgeClub is an ITWorx technical seminar club for technology enthusiasts. Its mission is to provide an easy gateway to pertinent and updated technology information for a growing audience in a simple, pragmatic and accessible way.

Sunday, March 08, 2009

Resident Evil

Do you know about the time-bomb viruses? Those ones which start execution in a certain time frame. Today, I have a similar behavior but this time not a virus. It's an evil code.

We have an application on the production environment which has been created seven years ago. The project seems to be working properly for a long time with no massive problems. However, an exception suddenly encountered when any user try to edit some data items.

Microsoft VBScript runtime error '800a0006'
Overflow: 'CInt'
/newsline/newsline/dbshell.asp, line 641
The project was implemented in classic ASP and VB script. If you had the opportunity to work with this crappy-style languages, you can imagine how debugging in this kind of code is missy. So I had no way except to analyze the exception getting the most out of it.

If you notice, it's an overflow exception. This means that CInt has got some large integer number to convert and failed to. After googling, I have found that there is a maximum limit for this method input and it's 32768. From a second look in the exception, you can see that it happens in a file called: "dbshell.asp". This leads to conclude that the number this method is trying to convert is retrieved from the database.

This was actually a good guessing. In the production environment and after seven years, some data table in the database reached to have more than 33974 records. The method couldn't convert any sequence ID for any items with ID larger than 32768. The issue couldn't be captured in the quality test as this low level test case couldn't be considered or even thought to be problematic.

The developer who wrote this code from seven years ago didn't imagine that some day the number of the records will reach this limit. The exception was resident to blow up after these long period. These lead us to an old lesson. At the time of building your application, you don't think that your application will last for long. You need to consider which data you think will go large and which is not. Hence you follow the appropriate guidance in the implementation.