Presently, I am working on a project using classic ASP. My development machine is Vista Enterprise. Although Vista does allow you to have multiple Web Sites (not without a workaround in XP), it has removed the SMTP service from IIS.
Is there a standard workaround for this issue?
As more web developers at my company receive new machines I am concerned that this issue will become a greater irritant. (Currently I am the only Web Dev using Vista)
I found a better suggestion over on serverfault.
This thread details it
http://smtp4dev.codeplex.com/ Nice tool.
You have two workarounds. You can direct all mail to your company's SMTP server. This often means that your development machines use a different config (remote SMTP vs local), so I find this less desirable.
You could also install another SMTP server on your dev machine. One option is the free Mercury Mail Transport System by the maker's of the venerable Pegasus Mail.
This is very similar to "What’s a good mail server for development use?"
I have tried 3 things:
sendmail from SUA community warehouse built with SASL (AUTH) and OpenSSL (SSL/TLS) for Interx/SFU/SUA. This works well but is quite slow to start a session for some reason. And of course it is sendmail so about as opaque to configure as humanly possible. (Services for UNIX 3.5 and the Subsystem for Unix Applications also come with an old-ish build of sendmail that does not have AUTH and ssl.)
Mercury Mail Server. The setup and managment feels obtuse and dated to me.
hMailServer. Very slick. Quick setup and intuitive to configure. I like it.
Take a look at Papercut. It works well for my development environment on Windows 7.
Description of Papercut from the CodePlex site:
Papercut is a simplified SMTP server designed to only receive messages
(not to send them on) with a GUI on top of it allowing you to see the
messages it receives. It doesn't enforce any restrictions on
addresses, it just takes the message and allows you see it. It is only
active while it is running, and if you want it in the background, just
minimize it to the system tray. When it receives a new message, a
balloon message will show up to let you know.
I use the built-in settings for SMTP mail to dump emails to a directory as shown in this post:
How can I use a local SMTP server when developing on Windows 7?
Related
Here is the problem: We have a client that uses Progress Openedge database, we need to execute queries on this database from our servers.
Currently the drivers are installed on our Windows server, and the PHP code uses ODBC to run the queries.
Now we would like to move the code to a Linux server. We tried before to work with their linux drivers but that attempt has failed.
The question is, Is it possible somehow to run PHP code on a linux server, this code communicates with the Windows server, runs the query on the Windows server, and return the results to Linux?
How would you access to this problem.
Thanks!
Yes, it's possible. Your question boils down to "how can my Linux server ask my Windows server to do something" (where the "something" happens to be "talk to a database"), and there are a variety of ways to accomplish that. You could run a web service (RESTful or SOAP) on the Windows server, for example.
Make sure you think about security: if you deploy a service on your Windows server that lets remote clients modify a database, you have to be mindful of which remote clients are allowed to use that service. The last thing you want to do is accidentally allow random strangers to run arbitrary queries against your database.
We have a Knowledgebase Article detailing some setup procedures for Linux installations; it also has a video explaining some aspects of the setup. If the other answered haven't provided a complete solution for you, hopefully our article can at least get you started in the right direction.
Also keep in mind that depending on your version of OE, the driver libraries may be different.
Are there any build in features that prohibit
1) too many login attempts from the same IP
2) too many login attempts for the same username
or should I enhance those web applications by myself?
My server already got hacked once because I had a weak password, now I have a 10k bit keyfile for my piece of mind.
Those tomcat managers seem to be the next most dangerous things in my eyes, besides someone exploiting my web applications with malicious requests.
Not as far as I know, the best would be to disable the Host manager if you don't need it, or restrict ONLY the manager app to a single IP address. As long as you have a strong password and a secure application you should be fine
You want the LockOutRealm:
http://tomcat.apache.org/tomcat-8.0-doc/config/realm.html#LockOut_Realm_-_org.apache.catalina.realm.LockOutRealm
It is configured by default in server.xml in remotely recent versions of Tomact 7 and all versions of Tomcat 8.
OpenDNS introduced DNSCrypt, and they runs the server in their OpenDNS server.
http://www.opendns.com/technology/dnscrypt/
And the client program is opensourced:
https://github.com/opendns/dnscrypt-proxy
This is significant for network environment that is censorship-ed, like China.
But OpenDNS servers are quite slow responsive to China, I hope to setup a DNSCrypt server on my own server, but can find nothing like that.
Does anyone know about if the DNSCrypt server part opensource or not ?
Many other servers are supporting the protocol, and it is easy to add it to your own server as well.
See the DNSCrypt implementations section of the documentation for some information.
Most of the servers, if not all, use encrypted-dns-server, either directly or via the DNSCrypt docker image.
The dnscrypt-proxy client also includes step by step instructions to install a dnscrypt server on a VPS.
Another option is PowerDNS dnsdist.
I was recently working with a product from Symantech called Norton EndPoint protection. It consists of a server console application and a deployment application and I would like to incorporate their deployment method into a future version of one of my products.
The deployment application allows you to select computer workstations running Win2K, WinXP, or Win7. The selection of workstations is provided from either AD (Active Directory) or NT Domain (WINs/DNS NetBIOS lookup). From the list, one can click and choose which workstations to deploy the end point software which is Symantech's virus & spyware protection suite.
Then, after selecting which workstations should receive the package, the software copies the setup.exe program to each workstation (presumable over the administrative share \pcname\c$) and then commands the workstation to execute setup.exe resulting in the workstation installing the software.
I really like how their product works but not sure what they are doing to accomplish all the steps. I've not done any deep investigations into this such as sniffing the network, etc... and wanted to check here to see if anyone is familiar with what I'm talking about and if you know how it's accomplished or have ideas how it could be accomplished.
My thinking is that they are using the admin share to copy the software to the selected workstations and then issuing an RPC call to command the workstation to do the install.
What's interesting is that the workstations do this without any of the logged in users knowing what's going on until the very end where a reboot is necessary. At which point, the user gets a pop-up asking to reboot now or later, etc... My hunch is that the setup.exe program is popping this message.
To the point: I'm looking to find out the mechanism by which one Windows based machine can tell another to do some action or run some program.
My programming language is C/C++
Any thoughts/suggestions appreciated.
I was also looking into this, since I too want to remote deploy software. I chose to packet sniff pstools since it has proven itself quite reliable in such remote admin tasks.
I must admit I was definitely over-thinking this challenge. You have probably done your packet sniff by now and discovered the same things I have. I hope by leaving this post behind we can assist other developers.
This is how pstools accomplishes execution of arbitrary code:
It copies a system service executable to \\server\admin$ (you either have to already have local admin on the remote machine, or supply credentials). Once the file is copied, it uses the Service Control Manager API to make the copied file a system service and start it.
Obviously, this system service can now do whatever it wants, including binding to an RPC named pipe. In our case, the system service would install an msi. To get confirmation of successful installation you could either remote poll a registry key, or an rpc function. Either way, you should remove the system service when you are done and delete the file (psexec does not do this, I guess they don't want it to be used surreptitiously, and in that case leaving the service behind would at least give an admin a fighting chance of realizing someone had compromised their box.) This method does not require any preconfiguration of the remote machine, simply that you have admin creds and that file sharing and rpc are open in the firewall.
I've seen demos in C# using WMI, but I don't like those solutions. File sharing and RPC are most likely to be open in firewalls. If they aren't, file sharing and remote MMC management of the remote server wouldn't work. WMI can be blocked and still leave these functional.
I've worked with a lot of software that does remote installations, and a lot of them are not as reliable as pstools. My guess is that this is because those developers are using other methods that are not as likely to be open at the firewall level.
The simple solution is often the most elusive. As always, my hat is off to the SysInternals folks. They are true hackers in the positive, old school meaning of the word!
This sort of functionality is also available with products LANDesk and Altiris. You need a daemonized listener on the client side that will listen for instructions/connections from the server. Once a connection is made any number of things can happen: you can transfer files, kick on installation scripts, etc. usually transparently to any users on that box.
I've used the Twisted Framework (http://twistedmatrix.com) to do this with a small handful of Linux machines. It's Python and Linux, not Windows, but the premise is the same: a listening client accepts instructions from a server and executes them. Very simple.
This functionality can also be accomplished with VB/Powershell scripts in a Windows-based domain.
I am looking for an enterprise subversion setup, that will fit the following requirements:
I need at least 2 instances of the repository server for high availability reasons
Management of multiple repositories
The 2 repository servers need to be synchronized.
Easy administration and configuration
User & authorization management with LDAP integration (web-interface) - optional
Backup & restore features, that guarantee the recovery with not more than 1 day of lost data
Fast and easy setup.
Monitoring of the repository(traffic, data volume, hotspots..) - optional
good security
either open source or low price tag, if possible
some pricing range, if a commercial tool is recommended.
a VMWare appliance would be great.
I am interested in an appliance or a set of subversion tools, that support these requirements. The operating system should be Ubuntu.
The configuration and setup of the toolset should be doable in hours or at the most a few days...
Our development team is not huge (about 30 people), but grows continually.
I have been unable to find anything (with the exception of Subversion MultiSite, that seems to big (and expensive? - they give no price information) for our enterprise)
Can anyone recommend a solution? Could you also describe your experiences with the recommended tool?
The easier and faster installation and configuration is, the better... If it is without a price tag, this is even better..
Thank you for any help.
I haven't seen a shrink-wrap setup for this, so far. If you want to build that from scratch, here are some pointers:
You can use builtin commands for the mirroring of the repo.
For multiple repos, just create a huge one and then add paths below the root.
For me, the command line is "easy admin&config", so can't help you there
To get user management, let subversion listen to localhost (127::1) and put an apache web server in front. There a loads of tools for user management for web servers.
For backup&restore, see your standard server backup tools.
VisualSVN Server answers most of your requirements.
From the web promo page (my emphasis):
Zero Friction Setup and Maintenance
One package with the latest versions of all required components
Next-Next-Finish installation
Smooth upgrade to new version
Enterprise-ready Server for Windows Platform
Stable and secure Apache-based Windows service
Support for SSL connections
SSL certificate management
Active Directory authentication and authorization with groups support
Logging to the Windows Event Log
Access and operational logging (Enterprise edition only)
Based on open protocols and standards
Configured by Subversion committer to work correctly out-of-the-box
I can vouch for visual SVN. I use the free version for our team of 4 developers, and it does everything it says on the tin reliably. Installation also took all of 5 minutes. That said, it does require a windows box.
Running a subversion server in a VMWare instance with one of VMWare's "High Availability" tools will give you most of what you need. There are pre-built VMWare Appliances that have a Subversion server built in. http://www.vmware.com/appliances/directory/308
VMWare's HA features will give you the redundancy of the SVN server instance. (You're going to need multiple physical servers for true redundancy. If one server fails, VMWare will re-start the instance on the new server.)
I don't know of any VMWare appliances that have special backup features, but this is pretty trivial to script. Just run an 'svnadmin hotcopy' once a day, so you have a copy of the repository ready to go in case of a corruption. (On top of this, you really should be using a SAN RAID array with tape backups.)
Our setup:
Rack of Blade Servers
VMWare Infrastructure
Virtualized Windows 2003 Server
If Windows crashes or one of the blades goes down, VMWare re-starts the Windows instance.
CollabNet Subversion Server, running Apache with SSPI authentication
SVN repo lives on a SAN
Nightly svnadmin hotcopy and verify of the repo (to another directory on the SAN), so we have a "hot" backup of the repo ready to go in case of a corruption problem.
Nightly tape backups of everything
Tapes taken offsite regularly
The cost of the server hardware and VMWare is going to be your biggest issue (assuming you don't already have this.) If you're not willing to make this kind of cash outlay, it may be worth looking at a hosted SVN provider.
We use svn for enterprise work. It is perfectly adequate. There are plenty of enterprise testimonials, including one from Fog Creek (Joel on Software, Stack Overflow).
I don't believe you need anything beyond the regular version.
I suppose you are aware that it is typical to use Subversion with TRAC, the issue tracking system.