Steve Schofield's Blog

Powershell Script, WMI to get DNS settings.

2008-08-23T02:36:00Z

A while ago I wrote my disappointment about Powershell and trying to pick up the syntax. I've scripted for years with WSH / VBS, ASP, ASP.NET, VB.NET and some C#. I was used to Visual Studio and the rich debugging support. Coming from a web developer...( read more )...(read more)

URLScan 3.0 rtw (release to web) available

2008-08-21T09:53:00Z

I have to give kudo's to the Microsoft IIS team for updating URLScan to help block automated sql injection attacks. Especially to Wade Hilmo and Nazim Lala . They have been very responsive when it came to involving the community (Thanks guys for the w3c...( read more )...(read more)

SQL Server reference KB article on rollups

2008-08-20T17:41:00Z

I was looking for a sql server 2005 rollup. Here is a KB article that has all of them. http://support.microsoft.com/kb/937137...( read more )...(read more)

Send email with powershell cmd-let

2008-08-19T03:17:00Z

I've been reading the Powershell newsgroup, which is pretty much the authoritative source for community help. http://www.microsoft.com/communities/newsgroups/list/en-us/default.aspx?dg=microsoft.public.windows.powershell For those who want to send email...( read more )...(read more)

Getting CDONTS to work on Windows Server 2008 x64

2008-08-19T02:12:00Z

A few questions come up in the forums @ http://forums.iis.net about people moving Classic ASP applications that use CDONTS. CDONTS was introduced in NT4 and was widely popular. With the success of ASP applications 'back in the day', many used CDONTS to...( read more )...(read more)

Enable Loopback adapter on Windows Server 2008

2008-07-23T18:18:00Z

netsh int ipv4 set int "Loopback Adapter" weakhostreceive=enabled weakhostsend=enabled netsh int ipv4 set int "Local Area Connection" weakhostreceive=enabled weakhostsend=enabled...( read more )...(read more)

UNC caching information in forums.iis.net post

2008-07-17T04:08:00Z

Here is a post in forums.iis.net that is worthy of an complete article. http://forums.iis.net/t/1150447.aspx It addresses caching on a UNC path where the server is a non-OS file server. It's a Novell server using CIFS. If you have documents on a Samba...( read more )...(read more)

Google free Web App security scanner

2008-07-10T01:04:00Z

Google giving away free Web App security scanner: http://news.yahoo.com/s/pcworld/20080703/tc_pcworld/147917 Cheers, Steve...( read more )...(read more)

IIS7 - post #70 - IIS 7.0 podcast by Steve Schofield

2008-07-09T02:48:00Z

I've listened to a lot of podcasts and never "until now" did a podcast. Craig Shoemaker approached me about doing a podcast. The podcast was real easy! All I had to do was talk about the subject I've been involved with since December 2005, IIS 7.0. We...( read more )...(read more)

Misc Powershell links

2008-07-08T14:38:00Z

For my own reference. Freenode IRC network: irc.freenode.net Web client at powershelllive.com/irc Newsgroup name microsoft.public.windows.powershell www.PowerScripting.net www.PowerShellCommunity.org...( read more )...(read more)

SQL Injection rule explaination of what is actually scanned by URLScan

2008-06-27T14:52:00Z

One of the things I was curious what URLScan actually scanned and how. What is just some server variables or what?! I asked Wade H from the IIS Team for further explaination. It is good to be aware when you are implementing URLScan 3.0 and sql injection...( read more )...(read more)

Tool to help detect SQL Injection

2008-06-27T04:21:00Z

Here is a tool to help detect sql injections. You have to sign-up for the free tool, but it's worth it. http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2008/06/23/finding-sql-injection-with-scrawlr.aspx Hope this helps...( read more )...(read more)

URLScan 3.0 - help with sql injection attacks.

2008-06-25T03:55:00Z

For those supporting a Classic ASP and ASP.NET application, you probably have noticed an increase in sql injection attempts. Microsoft has released an updated URLScan 3.0. Here is the link to download URlScan version 3 beta for 32 bit or 64 bit . You...( read more )...(read more)

SQL Injection information for IIS admins and developers

2008-06-23T04:51:00Z

The sql injection that has came up is affecting several ASP and ASP.NET applications. Although the only way to prevent an attack is validate the code, hopefully these posts will provide some direction. I included some links that discuss this more. http...( read more )...(read more)

Powershell 2.0

2008-06-23T03:35:00Z

I''ve tried really hard to get excited about Powershell 1.0, it just hasn't stuck. Am I the only one?! :) However, (yes there is a however). The great thing about software, there is a 2.0 release sooner or later. I've made the committment to learn Powershell...( read more )...(read more)