Tech Kaizen: 3/1/09

Sharepoint Development

ReadDirectoryChangesW - Watch Folder/Directory Changes

ReadDirectoryChangesW() - Retrieves information that describes the changes within the specified directory. The function does not report changes to the specified directory itself.

To track changes on a volume, see change journals.

References:

Obtaining Directory Change Notifications -
http://msdn.microsoft.com/en-us/library/aa365261(VS.85).aspx

http://msdn.microsoft.com/en-us/library/aa365465(VS.85).aspx

http://www.codeproject.com/KB/files/directorychangewatcher.aspx

PRB: ReadDirectoryChangesW Not Giving Consistent Notification -
http://support.microsoft.com/kb/245214

RegNotifyChangeKeyValue - Watch Windows RegistryKey Changes

RegNotifyChangeKeyValue() - Notifies the caller about changes to the attributes or contents of a specified registry key.

Sampl Code:

// Helper function
void RegWatchOut( HANDLE& hEvent )
{
const DWORD dwEventFilter = REG_NOTIFY_CHANGE_NAME
REG_NOTIFY_CHANGE_ATTRIBUTES
REG_NOTIFY_CHANGE_LAST_SET
REG_NOTIFY_CHANGE_SECURITY;

RegNotifyChangeKeyValue( HKEY_LOCAL_MACHINE,
TRUE,
dwEventFilter,
hEvent,
TRUE );
}

int main( int argc, char* argv[] )
{
HANDLE hEvent = CreateEvent( NULL, FALSE, FALSE, NULL );

// Call for notification
RegWatchOut( hEvent );

// Keep looping for ever
for( int Index = 1; WaitForSingleObject( hEvent, INFINITE ) != WAIT_FAILED; ++Index )
{
printf( "Key changed %d time(s)\\n", Index );

// Keep watching, we have to call again for further notifications
RegWatchOut( hEvent );
}

CloseHandle( hEvent );
return 0;
}// End main

References:

http://msdn.microsoft.com/en-us/library/ms724892.aspx

Hacking Windows Registry -
http://ebooks.allfree-stuff.com/eBooks_down/Hacking/Hacking%20the%20Windows%20Registry.pdf

http://nibuthomas.com/2007/09/07/watching-out-for-registry-key-changes-using-regnotifychangekeyvalue/

The Windows Access Control Model Part 1 - http://www.codeproject.com/KB/winsdk/accessctrl1.aspx

The Windows Access Control Model Part 2 – http://www.codeproject.com/KB/winsdk/accessctrl2.aspx

The Windows Access Control Model Part 3 – http://www.codeproject.com/KB/system/accessctrl3.aspx

The Windows Access Control Model Part 4 - http://www.codeproject.com/KB/winsdk/accessctrl4.aspx

Windows Shutdown Messages/Events : WM_QUERYENDSESSION, WM_ENDSESSION

The WM_QUERYENDSESSION message is sent when the user chooses to end the session or when an application calls one of the system shutdown functions. If any application returns zero, the session is not ended. The system stops sending WM_QUERYENDSESSION messages as soon as one application returns zero.

After processing this message, the system sends the WM_ENDSESSION message with the wParam parameter set to the results of the WM_QUERYENDSESSION message.
A window receives this message through its WindowProc function.

How can I prevent my application from closing when I logoff?

When a user logs off from the console, all running applications are notified of the logoff event via the WM_QUERYENDSESSION and WM_ENDSESSIONWindows messages.

By default, Windows will exit your application in response to WM_ENDSESSION events so you must change your code to override that behavior.

Here is a sample in MFC/C++:

BEGIN_MESSAGE_MAP(CMainFrame, CFrameWnd)
ON_WM_ENDSESSION()
END_MESSAGE_MAP()

...

void CMainFrame::OnEndSession(BOOL bEnding)
{
// Figure out if logging off
BOOL bIsLoggingOff = FALSE;
{
const MSG* pMsg = GetCurrentMessage();
if ((pMsg->lParam & ENDSESSION_LOGOFF) != 0)
bIsLoggingOff = TRUE;
}

if (bIsLoggingOff) {
// Avoid the default behavior, which may close our application
TRACE("Ignoring logoff.\n")
return;
}

// Not logging off so proceed with the regular/default
CFrameWnd::OnEndSession(bEnding);
}

Reference:

Win32 API for ShutDown:- http://www.codersource.net/mfc_shutdown_timer.html

http://msdn.microsoft.com/en-us/library/aa376890(VS.85).aspx

WMI Tools

WMI Reference -

http://msdn.microsoft.com/en-us/library/aa394572(VS.85).aspx

WMI Tools

Download the WMI Administrative Tools at: http://www.microsoft.com/downloads/details.aspx?FamilyId=6430F853-1120-48DB-8CC5-F2ABDC3ED314&displaylang=en.

It includes the following:

WMI CIM Studio: view and edit classes, properties, qualifiers, and instances in a CIM repository; run selected methods; generate and compile MOF files.

WMI Object Browser: view objects, edit property values and qualifiers, and run methods.

WMI Event Registration Tool: configure permanent event consumers, create or view instances of event consumers, filters, bindings, and timer system classes.

WMI Event Viewer: displays events for all instances of registered consumers.

Mgmtclassgen.exe—Microsoft Visual Studio .NET tool. Convert MOF file into .cs/.vb/.js files.

Management [WMI] Extension for VS.NET Server Explorer: http://www.microsoft.com/downloads/details.aspx?displaylang=en&familyid=ef7594d3-4907-4af6-b7d8-6e22115ffaf0

Platform SDK tools - %systemroot%\system32\wbem

mofcomp.exe—Compiles MOF files and adds the managed objects to the CIM Repository. It is also possible to check the MOF file correctness.

wbemtest.exe—Windows Management Instrumentation Tester, also called WBEMTest, is a general-purpose utility for viewing or modifying Common Information Model (CIM) classes, instances, and the like. It functions as the CIM studio only if UI is humble.

MIB Browser - http://www.nonlinearideas.com/

MIB editor, builder, and browser - http://www.mg-soft.com/index.html

Books:

Developing WMI Solution, http://www.wbem.co.uk/. Chapter 8, "Developing .NET Management Application."

Articles:

A Peek into the Enterprise Instrumentation Framework http://www.codeproject.com/dotnet/EIF.asp?target=wmi

Windows Management Instrumentation: The Journey Begins -

http://www.winnetmag.com/Articles/Index.cfm?ArticleID=8959&pg=2

Exposing Management Events http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconexposingmanagementevents.asp

Inheritance http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconexposingmanagementevents.asp

Understanding WMI Evening http://www.winscriptingsolutions.com/Articles/Index.cfm?ArticleID=9805

Windows Management Instrumentation (WMI) Implementation http://www.codeproject.com/csharp/wmi.asp?target=wmi

WMI Made Easy For C# http://www.csharphelp.com/archives2/archive334.html

MFC Custom Controls - Subclassing

MFC allows you to create a C++ class, which is derived from a base class - subclassing in the C++ definition of the word - to change the behavior and the visual appearance of the control described by the base class. This is very different from the SDK meaning of "subclassing," which is used only to change the behavior, but not the appearance.

As an example: If you look at Chris Maunder's subclassing article, you will notice that he changes one of the style bits in his subclassed button to make it owner-drawn, and then overrides the OnDrawItem virtual function in his derived class. In SDK programming, this is simply implementing an owner drawn control. Hidden by MFC is the fact that the WM_DRAWITEM message is sent to the parent of the control, and the parent is responsible for determining which control is to be drawn, its state, and then drawing it. This is not subclassing; Rather, this is owner-drawing.

On the other hand, if you look at Daniel Kopitchinski's message handling article, the behavior of an edit control is modified by preventing certain keys from getting to the control. Considering that the control does not send every keystroke to its parent in a WM_CHAR message, how can the author be overriding this message handler? This is subclassing in the SDK sense: By changing the function that handles messages for the edit control, the author was able to filter what the control actually received

Windows provides support for "owner draw" controls and menus. These are Windows messages sent to a parent window of a control or menu that allow you to customize the visual appearance and behavior of the control or menu.

MFC directly supports owner draw with the message map entries:
CWnd::OnDrawItem
CWnd::OnMeasureItem
CWnd::OnCompareItem
CWnd::OnDeleteItem

You can override these in your CWnd-derived class (usually a dialog or main frame window) to implement the owner-draw behavior.

DrawItem messages makes things easier for developers, we get OD flags that tells which action requires painting.
ODS_CHECKED
ODS_FOCUS
ODS_DISABLED.
etc

References:

MFC Custom Controls - http://msdn.microsoft.com/en-us/library/bk2h3c6w(VS.71).aspx

Customizing Common Controls - http://www.ddj.com/184410273

MFC Quick Reference -
http://www.digilife.be/quickreferences/QRC/Microsoft%20Foundation%20Classes%20(MFC)%20Quick%20Reference.pdf

http://www.codeproject.com/KB/dialog/ownrdrwsubcls.aspx?display=Print http://nibuthomas.com/2008/06/28/when-to-use-ondrawitem-drawitem-and-onpaint/

Creating a Custom Tree Control Using the SDK –
http://www.ddj.com/showArticle.jhtml?documentID=ddj9709c&pgno=4

CheckComboBox - http://uttermatter.com/stdd/Implementation/CD/source%20code/CheckComboBox.cpp

CCheckListBox – http://msdn.microsoft.com/en-us/library/84cw5ysf(VS.80).aspx

Secure Coding in C and C++

Secure Coding in C and C++

Key Areas
String management
Pointer subterfuge
Dynamic memory management
Integral security
Formatted output
File I/O

String management:
Secure Coding in C/C++ : Strings
http://www.informit.com/articles/article.aspx?p=430402

Pointer Subterfuge:

Protecting against Pointer Subterfuge (from Michael Howard's Web Log) -

http://blogs.msdn.com/michael_howard/archive/2006/01/30/520200.aspx

http://blogs.msdn.com/michael_howard/archive/2006/08/16/702707.aspx

http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1301.pdf

www.sis.pitt.edu/~jjoshi/courses/IS2620/Spring09/Lecture5.ppt

https://www.securecoding.cert.org/confluence/download/attachments/3524/03+Pointer+Subterfuge.pdf?version=1

Secure Code Reviews :

http://www.slideshare.net/marco_morana/secure-code-reviews-presentation

http://www.computer.org/portal/site/security/menuitem.6f7b2414551cb84651286b108bcd45f3/index.jsp?&pName=security_level1_article&TheCat=1001&path=security/2006/v4n4&file=basic.xml&

http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=1588832

www.sis.pitt.edu/~jjoshi/courses/IS2620/Spring09/Lecture4.ppt

Secure Coding Introduction

Easily avoided software defects are a primary cause of commonly exploited software vulnerabilities. Through an analysis of thousands of vulnerability reports, that most vulnerabilities stem from a relatively small number of common programming errors. By identifying insecure coding practices and developing secure alternatives, software developers can take practical steps to reduce or eliminate vulnerabilities before deployment.

As any seasoned security professional will tell you, it’s impossible to build bug-free, vulnerability free software. The name of the game in the security industry is risk mitigation. That is, reducing the risk to an acceptable level.It will identify some common mistakes made when developing software that lead to security vulnerabilities.

Secure Coding - Common Errors

1. Buffer Overflow

2. Format String vulnerabilities

3. Authentication

4. Authorization

5. Cryptography

6. Double Free Attack

Best Practices For Secure Coding

1. Distrust User Input

2. Input validation

3. Magic Switches

Two excellent books on secure programming -

Writing Secure Code - is an excellent book on developing secure code with specific examples on the Win32 API and lessons learned from Microsoft.

Building Secure Software: How to Avoid Security Problems the Right Way - is more UNIX oriented, but teaches lessons on secure programming that all developers should know.

References:

Writing Secure Code -
http://msdn.microsoft.com/en-us/security/aa570401.aspx

Introduction to Secure Coding Guide - http://developer.apple.com/DOCUMENTATION/Security/Conceptual/SecureCodingGuide/SecureCodingGuide.pdf Defend

Your Code with Top 10 Security Tips Every Developer Must Know - http://msdn.microsoft.com/en-us/magazine/cc188938.aspx

Top 10 Secure Coding Practices - https://www.securecoding.cert.org/confluence/display/seccode/Top+10+Secure+Coding+Practices

How To: Perform a Security Code Review for Managed Code (Baseline Activity) - http://msdn.microsoft.com/en-us/library/ms998364.aspx

Secure Coding Principles -
http://www.owasp.org/index.php/Secure_Coding_Principles

Fundamentals of Secure Software Development - http://www.safecode.org/publications/SAFECode_Dev_Practices1108.pdf

"Secure Coding in C and C++" A Linux.SYS-CON.com Interview With Robert Seacord - http://linux.sys-con.com/node/158854

CERT Secure Coding Standards - https://www.securecoding.cert.org/confluence/display/seccode/CERT+Secure+Coding+Standards

Security Code Review- Identifying Web Vulnerabilities - http://www.infosecwriters.com/text_resources/pdf/Code_Review_KMaraju.pdf

Twelve rules for developing more secure Java code -
http://www.javaworld.com/javaworld/jw-12-1998/jw-12-securityrules.html

Open Web Application Security Project - http://www.owasp.org/index.php/Main_Page

http://www.securityfocus.com/infocus/1596

http://www.cprogramming.com/tutorial/secure.html

http://www.ddj.com/security/187203693

http://www.codeproject.com/KB/tips/CBP_for_memory_allocation.aspx

http://www.informit.com/articles/article.aspx?p=430402

Mail Protocols : SMTP, POP3 and IMAP

What are SMTP, POP3 and IMAP?

SMTP, POP3 and IMAP are TCP/IP protocols used for mail delivery. If you plan to set up an email server, you must know what they are used for. Each protocol is just a specific set of communication rules between computers.

SMTP
SMTP stands for Simple Mail Transfer Protocol. SMTP is used when email is delivered from an email client, such as Outlook Express, to an email server or when email is delivered from one email server to another. SMTP uses port 25.

POP3
POP3 stands for Post Office Protocol. POP3 allows an email client to download an email from an email server. The POP3 protocol is simple and does not offer many features except for download. Its design assumes that the email client downloads all available email from the server, deletes them from the server and then disconnects. POP3 normally uses port 110.

IMAP
IMAP stands for Internet Message Access Protocol. IMAP shares many similar features with POP3. It, too, is a protocol that an email client can use to download email from an email server. However, IMAP includes many more features than POP3. The IMAP protocol is designed to let users keep their email on the server. IMAP requires more disk space on the server and more CPU resources than POP3, as all emails are stored on the server. IMAP normally uses port 143.

Enterprise Architecture's Comparision : Zachman, TOGAF, FEAF, MODAF/DODAF

What
Zachman is like the map at a low resolution.

TOGAF is like the directions on the map that will lead us to some destination (it may be a good or bad destination).

FEAF contains specific information such as the reference models which act like the road rules and speed limits and communication protocols of our mobile phones, etc. (these are the sensible and logical constraints).

MODAF / DODAF and other defense architecture frameworks describe how our vehicle, which we are using to undertake our journey, is constructed, supported, used, etc (say a bike or a car).

When
Always refer back to Zachman when you are lost. (Overcome with complexity).

Refer to TOGAF at specific milestones in the journey. (Preparing for reviews, checking completeness of the architecture, etc.).

FEAF reference models for what technologies, constraints, resources, etc that can be used in the architecture.

DODAF when redesigning or designing or specifying explicitly a ‘widget’ in the architecture. (Widget may be a solution agnostic architectural building block or a solution dependent solution building block).

References:

A Comparison of the Top Four Enterprise-Architecture Methodologies -
http://msdn.microsoft.com/en-us/library/bb466232.aspx

TOGAF

http://www.opengroup.org/architecture/togaf8-doc/arch/p1/enterprise.htm

http://www.integrationconsortium.org/?page=TOGAF9

Gartner Architecture Patterns:

http://www.gartner.com/DisplayDocument?doc_cd=125007

http://www.opengroup.org/architecture/togaf7-doc/arch/p4/others/others.htm

http://www.software.org/pub/architecture/fwhome.asp

Blogs:

Serge Thorn's IT Blog - http://sergethorn.blogspot.com/

http://blogs.ittoolbox.com/eai/qos

CMS : Drupal, Joomla, Plone and DotNetNuke

Popular Content Management Systems(CMS):

1. Drupal

2. Joomla

3. Plone

4. DotNetNuke

5. CMS Made Simple

6. dotCMS

7. ImpressCMS/MiaCMS

Ref:

Open source CMSes prove well worth the price -
http://www.infoworld.com/article/07/10/08/41TC-open-source-cms_1.html

Comparing Open Source CMSes: Joomla, Drupal and Plone -
http://www.idealware.org/articles/joomla_drupal_plone.php

Shall I choose Drupal, Joomla or Plone ? -
http://drupal.org/node/143736