Creating Event Log EventID Values Using C# and .Net 2.0

As all good developers do, I try to log my errors.  However, on some machines I can access the event log ("Application" log in this case) and use EventID of 1000 or 0 or other values, however, it is not consistant what is available between Windows 2000, Windows XP, Windows Server 2003.

So I have the following in my Event Log more often that I would like:

The description for Event ID ( 0 ) in Source ( Application Error ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event:  ...

http://www.codeproject.com/dotnet/evtvwr.asp
http://blog.sbsfaq.com/Lists/Posts/Post.aspx?List=269e4081%2Dac58%2D42a6%2D9a54%2D383a6a3fb0d8&ID=49

Distinguished Fields are cool

From BizTalk HotRod and the "Get on the Bus -- the neudesic connected systems team blog" a great blog entry called Distinguished Fields are cool about the details (and real story) about promoted properties vs. distinguished fields .

BizTalk 2006 Testing, Interviews & Other Stuff

I have been using BizTalk Server 2006 for a few months now and I thought I'd post some of the things I've been using here.

• BizUnit -- Open Source BizTalk Unit Test Framework
• BizTalk Server 2006 Interview Questions -- Somewhat Useful Ramping Up a New Team
• New Functiods In BizTalk Server 2006 -- Useful Reference for BizTalk Server 2004 Developers
• BizTalk 2006 Server MSI Process -- Almost accurate MSI Workflow, will get you started at least (note to self: blog the real way to use MSI)
• Port Binding Modes in BizTalk 2004/2006 -- Good overview of Dynamic, Static, Now, Later and other details about Port Binding in BizTalk 2006 ... must-have knowledge for BTS Devs

I hope you have enjoyed this BizTalk Server 2006 Link List.

By the way, BizTalk Server 2006 R2 is on the street now so go check it out.  Death to HWS!

A practical and authentic approach to massively parallel computing

The face of computer science is always changing and the pace of that change increases every day.  One of the huge ongoing changes in today's engineering approach is a shift from single machines, or small clusters of machines, to massive distributed networks containing hundreds, if not thousands, of servers.  Massively parallel and foreign to most people.

Today the Google blog contained an entry called Let a thousand servers bloom about this topic and they reference a really interesting lecture series they are hosting on Google Code for Educators called Cluster Computing and MapReduce which contains video lectures and related course materials from a series of lectures that was taught to Google software engineering interns during the Summer of 2007.

While not part of the Google Blog linked above, Google Code for Educators also has a great lecture on Web Security containing two lectures and a programming assignment that is designed to introduce students to web based security.

BizTalk 2006, Users, Groups & Troubleshoot

Have you ever needed a full list of the BizTalk 2006 users and groups -- here is one from Microsoft .  If you used that guide Microsoft supplied to install BizTalk 2006, and it did not work (surprise!) you will probably need this BizTalk 2006 Troubleshoot Guide and Tools list.  This dedicated list of BizTalk 2006 troubleshoot utilities is very useful.  And of course, the most common trouble spot with BizTalk 2006 Server is the software components it depends on -- that is why this guide to troubleshoot BizTalk 2006 dependencies is so great!

Custom GetContextProperty Functoid

A newer version of the GetContextProperty functiod, and another useful "sister" functiod can be found here, http://www.codeplex.com/ContextAccessor.

Custom GetContextProperty Functoid

How can I get a message context property (promoted property) from a message in a map for use inside of an orchestration?

Using the Custom GetContextProperty Functoid, of course!

About BizTalk Message Context Properties -- Difference between BizTalk 2006 distinguished field and property field

Here is a good Microsoft page about the differences between property and distinguished fields in Microsoft Biztalk 2006 Server.

Yahoo Search Advertising is a FRAUD

I blogged a few weeks ago about my renewed interest in Yahoo Sponsored Search in my "Dear Yahoo" post.  At the time, I thought that perhaps Yahoo was turning a corner in the online advertising sphere and might have finally figured it out.  I have now, after spending $220 USD and one entire month advertising with them, realized how wrong I was. 

Yahoo's online search ad placement system is horrible.

In fact, I suspect the majority of the site traffic generated by a Yahoo ad is actually fraud.  Google Analytics is a powerful tool and I could teach a class on it at this point -- I've been using it since it was released and I have gone to seminars and taken classes.  So, I spent a few hours focused on Yahoo traffic analysis.  As it turns out, the "visitors" from Yahoo are (98%) fraud generated by Yahoo's content placement site.  Probably ad-placement scammers buying ads from Yahoo and then using "pay to browse" or automated methods to fire the ads and collect my money.

I am getting a 1.05PPV (pages viewed per visit)  traffic load from Yahoo traffic.  That means that 94.55% of the visitors are viewing only the first page after the ad link and then closing the browser -- a sure sign of fraud from the source.  All my legitimate traffic ( Google, TheKnot, WeddingChannel, CraigsList, Yahoo Organic Search) averages a bounce rate (immediate exit) of around 3.85 which is low, to be sure, but does not mean fraud.  The bounce rate for my average traffic is only 22%.

In addition, Yahoo is reporting that I get about 10 visitors a day from their ads.  I am finding about 10% of the traffic I am being billed for actually makes it to my site.  I suspect part of this is that most of the scammers have found a way to trigger the ads in an automated fashion that does not actually request pages from my site -- they're just getting Yahoo to record the click and never even downloading pages from CoryTrese.com

Other key terms I might use to describe Yahoo Sponsored Search include "click fraud", "fraud", "deception", "sucks", "lies", "terrible", "illegal", "unfair", "deceptive business practices" and maybe some other words I won't use on my blog.

Top 10 Security Vulnerabilities in .NET Configuration Files

Developers often concentrate on writing secure code but leave security vulnerabilities in application configuration files. Discover the most common configuration security problems—and how to avoid them.

by Bryan Sullivan

Top 10 Security Vulnerabilities in .NET Configuration Files

Gozi, Amazing!

http://www.secureworks.com/research/threats/gozi/?threat=gozi

ASP.Net 2.0 Complex User Controls and External JavaScript

If you are anything like me, you're spending a lot of time working with ASP.Net 2.0 building complex user controls.

For example, you might need to have a large piece of JavaScript included as an external resource, not emitted into the .aspx page.  This page has a detailed step-by-step guide on how to embedded URL accessible resources into a control.

Or perhaps, also like me, you are making use of the System.Web.UI.Masterpage namespace and are wondering about passing objects between content and master pages.  Well, this page has a detailed step-by-step guide on how to pass information between Content and Master pages in ASP.Net 2.0.

XSD and MSXML 4.0 SP2

Upgrading your XSD to parse on a release of the Microsoft XML Parser 4.0? Using XSD (XML Schema?) Having trouble?

Check this page about conformance to XSD specifications within the Microsoft XML Parser 4.0 software.

For example, might be generating the error:

'all' is not the only particle in a group, or is being used as an extension

Secure ASPSESSIONID Cookies in IIS 4, 5 and 6.0

>From this great page on Microsoft's Help and Support Site:

When you use Active Server Pages (ASP) in Internet Information Server (IIS) 4.0 or Internet Information Services (IIS) 5.0, a session cookie is sent to a user's browser. This cookie identifies the user for the time that they are on the site. These cookies are sometimes called memory cookies, because they are never stored on the user's hard drive like a regular cookie. In reality, this is an additional header that is sent to the browser. Anytime a Web site sends additional information such as this, the browser is required to send it back with each request (provided the server name does not change). The following is an example of an ASP Session Cookie:

Set-Cookie: ASPSESSIONIDGQQGGLIC=HKEDPNNBNBBKMOCFFBEIJENM; path=/

HTTP is a stateless protocol, which means that every time a user connects to a Web site it is just like the first time they connected to the Web server. This is a problem in an environment where you store server-side information for users. The session cookie is a means of performing such tasks.

A problem can occur if developers decide to store confidential or sensitive information in the session. For example, if a developer writes a piece of ASP code that requests a user's credit card number, the developer can store this information in a session variable (session variables are linked to the session cookie) on the server. The user can then browse to a page that lists the information they entered (for example, an authorization page or an order confirmation page). The credit card (when the list is generated) may be pulled from a session variable. If so, this information may be at risk.

The Help and Support page linked to above covers IIS 4.0 and 5.0, however, the command that it lists at the end:

NOTE: After you apply the patch, run the following commands to enable secure cookies (this example enables them for site 1):\

cd c:\inetpub\AdminScripts
cscript adsutil.vbs set w3svc/1/AspKeepSessionIDSecure 1

Is correct for all versions of IIS.  For version 6.0 of IIS simply run that command and the ASPSESSIONID cookie will be set to secure.

I Love Legos

This is a great video of an impressive Lego creation!

IEs4Linux, Support for IE7

I have blogged about this project before, but it is good enough to blog about again.  The project, called ies4linux exists to support installing and running multiple original versions of IE (5.0, 5.5, 6.0, 7.0) under Linux using Wine and CAB files.  Another good blog entry on Web Expose talks in detail about IE 7.0 support and has a good thread of comments from early testers and adopters.

IE on Linux.  Never would have guessed that one back in 1999, would ya?  =)

Quick and Dirty Regular Expressions Visual Basic

A quick and dirty blog about Regex and VB6, useful if you ever have to maintain or write real software in VB6.  Poor us, eh?

10 Best Extensions for Everyone's Favorite Browse

I was reading some random reviews of the last FireFox 2.0 release and hit this link on CNet showing a list of the "10 best firefox extensions" ... some of the choices are terrible, but some are rather good. I already use a few of them...