Tree Rat Fishing... It's the nuts.

Using Fiddler with Localhost traffic

Fiddler is an indispensable web application development tool. For those who might not know what Fiddler is, it is a tool that allows you to see the complete request and response between your browser and the web server. I am afraid that many developers may dismiss it as ...

Is IIS giving up your private IP address?

Hackers love information about your network. If you are not using Host Headers on your IIS website then IIS could be returning the IP address of the machine in the TCP header of the response. In single server situations where the server is in a DMZ of a firewall, ...

Disable Caching on an ASP.Net Page

I have been working on database driven ASP.Net site lately and have been having problems with the browser caching pages variables. This is causing issues when the user uses the back command to navigate to the previous page instead of using the provided command button to return to the ...

WordPress 2.5.1, its time to update.

The creators of WordPress has released a very important security update for their blogging platform. Anyone running WordPress 2.5 must upgrade to this latest release. Version 2.5.1 of WordPress is now available. It includes a number of bug fixes, performance enhancements, and one very important security fix. ...

SQL 2005: Tracing… Not just for DBAs anymore

There has always been a gray fuzzy line on how much access does a DBA give to a developer working on a production database. Too little access and they developer can't do their job without involving the DBA and too much access has it's own set of problems and ...

Parking WordPress

So, you have a domain name that you are planning on doing something with. You are all excited when you register it. Then you realize you have to do something with it. It seems like most registrars will graciously let you park the domain and present all sorts of ...

Update: MS Live.. Java Killer

This is an update to a previous post about the MS live Sign-In assistant causing Java programs to stop functioning. Microsoft released an update to the Windows Live Sign-In Assistant. The update is listed as an optional update through Microsoft Update as "Update for Windows Live Sign-In Assistant (KB ...

MS Live.. Java Killer

I could probably go on for hours on how I dislike Java but I won't. I am sure a quick Google search would reveal many blog postings that would share my opinion. A week or so ago, I started to realize that one my applications that relied on ...

WordPress 2.3.3 Security Update

A security fix for WordPress has been released. This fix addresses a flaw in the XML-RPC implementation that effects users with registration enabled. Using a specially crafted URL would enable a user to edit posts of other users. You can either download and install the upgrade using the ...

SQL Security - Running SQL without local user rights

In a previous posting, I mentioned the risks of the "xp_cmdshell" extended stored procedure and how to disable the command. It is a good step towards a more secure SQL installation but more can be done. In that same article, I mention that many SQL installations run the SQL ...