Visual Studio has its own integrated ASP.NET Runtime engine, which helps to run any ASP.NET web application with in Visual Studio. While running application from Visual Studio, you must have seen a popup notification in System Tray (As shown in below image) , which is notification of ASP.NET Development Server.
This ASP.NET Development Server is nothing but a executable file (WebDev.WebServer) which used by Visual Studio to execute you web application when it’s running in the context of Visual Studio. You can find the executable file at<\Program Files (x86)\Common Files\microsoft shared\DevServer\10.0> . This folder contain two different executable
WebDev.WebServer20.EXE
WebDev.WebServer40.EXE
WebDev.WebServer20 is targeted to CLR 2.0, which means all the ASP.NET Application which are targeted till FW .NET 3.5 will be taking care by WebDev.WebServer20.EXE and WebDev.WebServer40.EXE for ASP.NET 4.0 based application.
Now, let’s see how we can use these executable to run an ASP.NET 4.0 Application with out using Visual Studio.
Step 1 : Open the Command Prompt for “Program Files (x86)\Common Files\microsoft shared\DevServer\10.0”
Easiest way to go there, type Cmd in the address bar ( If you are using Win 7), this will directly open command prompt with exact path .
Step 2: [Optional] TypeWebDev.WebServer40and PressEnter, this will open a popup window with the details of required parameter
Whether it is through manual poking and prodding or the use of security testing tools, malicious attackers employ a variety of tricks to break into SQL Server systems, both inside and outside your firewall. It stands to reason then, if the hackers are doing it, you need to carry the same attacks to test the security strength of your systems. Here are 10 hacker tricks to gain access and violate systems running SQL Server.
1. Direct connections via the Internet
These connections can be used to attach to SQL Servers sitting naked without firewall protection for the entire world to see (and access).DShield's Port Report shows just how many systems are sitting out there waiting to be attacked. I don't understand the logic behind making a critical server like this directly accessible from the Internet, but I still find this flaw in my assessments, and we all remember the effect the SQL Slammer worm had on so many vulnerable SQL Server systems. Nevertheless, these direct attacks can lead to denial of service, buffer overflows and more.
2. Vulnerability scanning
Vulnerability scanning often reveals weaknesses in the underlying OS, the Web application or the database system itself. Anything from missing SQL Server patches to Internet Information Services (IIS) configuration weaknesses to SNMP exploits can be uncovered by attackers and lead to database server compromise. The bad guys may use open source, home-grown or commercial tools. Some are even savvy enough to carry out their hacks manually from a command prompt. In the interest of time (and minimal wheel spinning), I recommend using commercial vulnerability assessment tools like QualysGuard from Qualys Inc. (for general scanning), WebInspect from SPI Dynamics (for Web application scanning) and Next Generation Security Software Ltd.'s NGSSquirrel for SQL Server (for database-specific scanning). They're easy to use, offer the most comprehensive assessment and, in turn, provide the best results. Figure 1 shows some SQL injection vulnerabilities you may be able to uncover.
Figure 1: Common SQL injection vulnerabilities found using WebInspect.
3. Enumerating the SQL Server Resolution Service
Running on UDP port 1434, this allows you to find hidden database instances and probe deeper into the system. Chip Andrews' SQLPing v 2.5is a great tool to use to look for SQL Server system(s) and determine version numbers (somewhat). This works even if your SQL Server instances aren't listening on the default ports. Also, a buffer overflow can occur when an overly long request for SQL Servers is sent to the broadcast address for UDP port 1434.
4. Cracking SA passwords Deciphering SA passwords is also used by attackers to get into SQL Server databases. Unfortunately, in many cases, no cracking is needed since no password has been assigned (Oh, logic, where art thou?!). Yet another use for the handy-dandy SQLPing tool mentioned earlier. The commercial products AppDetective from Application Security Inc. and NGSSQLCrack from NGS Software Ltd. also have this capability.
5. Direct-exploit attacks
Direct attacks using tools such as Metasploit, shown in Figure 2, and its commercial equivalents (CANVAS and CORE IMPACT) are used to exploit certain vulnerabilities found during normal vulnerability scanning. This is typically the silver-bullet hack for attackers penetrating a system and performing code injection or gaining unauthorized command-line access.
Figure 2: SQL Server vulnerability exploitable using Metasploit's MSFConsole.
6. SQL injection
SQL injection attacks are executed via front-end Web applications that don't properly validate user input. Malformed SQL queries, including SQL commands, can be inserted directly into Web URLs and return informative errors, commands being executed and more. These attacks can be carried out manually -- if you have a lot of time. Once I discover that a server has a potential SQL injection vulnerability, I prefer to perform the follow-through using an automated tool, such as SPI Dynamics' SQL Injector, shown in Figure 3.
7. Blind SQL injection
These attacks go about exploiting Web applications and back-end SQL Servers in the same basic fashion as standard SQL injection. The big difference is that the attacker doesn't receive feedback from the Web server in the form of returned error messages. Such an attack is even slower than standard SQL injection given the guesswork involved. You need a good tool for this situation, and that's where Absinthe, shown in Figure 4, comes in handy.
Figure 4: Absinthe tool takes the pain out of blind SQL injection testing.
8. Reverse engineering the system
The reverse engineering trick looks for software exploits, memory corruption weaknesses and so on. In Exploiting Software: How to Break Codeby Greg Hoglund and Gary McGraw, you'll find a discussion about reverse engineering ploys.
9. Google hacks
Google hacks use the extraordinary power of the Google search engine to ferret out SQL Server errors -- such as "Incorrect syntax near" -- leaking from publicly accessible systems. Several Google queries are available at Johnny Long's Google Hacking Database. (Look in the sections titled Error Messages and Files containing passwords.) Hackers use Google to find passwords, vulnerabilities in Web servers, underlying operating systems, publicly available procedures and more that they can use to further compromise a SQL Server system. Combining these queries with Web site names via Google's 'site:' operator often turns up juicy info you never imagined you could unearth.
10. Perusing Web site source code
Source code can also turn up information that may lead to a SQL Server break in. Specifically, developers may store SQL Server authentication information in ASP scripts to simplify the authentication process. A manual assessment or Google could uncover this information in a split second.
Well, that didn't take long. One day after the release of the new App Store from Apple, an anonymous user has posted the (very simple) steps to copy the signatures used to sign apps download from the store for use in any other app (paid, or free) to allow you to run them on your Mac.
With that said, you'll be done in 7 quick steps.
Step 1 Install the latest version of Snow Leopard (10.6.6)
If you haven't already done so, you'll need to update to get the new Mac App Store. It's a painless process.
Step 2 Download a Free App from the Mac App Store
Twitter is a good candidate. This will give you the signature files you'll need to use to allow you to run other .app files.
Step 3 Find the Signature Files
Go to your Applications folder in Finder, locate Twitter (or whatever free app you just downloaded), right-click, and click "Show Package Contents".
Step 4 Copy the Signature Files
These are the keys to the vault, so to speak. Navigate to the "Contents" folder and copy the following:
_CodeSignature _MASReceipt CodeResources Step 5 Download the Paid App of your Choice
You will still need to find a way to download or acquire the Mac App Store .app files for the apps you would like to install (As I cannot condone stealing software, I won't be linking to the Angry Birds backup file you misplaced in this post, but if you truly did loose an app, chances are it's not terribly hard to find.
Step 6 Sign the Paid App Using the Files from the Free App Right-click on the paid app file and click "Show Package Contents". Open up the "Contents" folder and delete _CodeSignature, _MASReceipt, and CodeResources. Now paste in the files you copied from the Twitter.app (or whatever free app you downloaded).
Step 7 You're Done! You can now play that Angry Birds app (and any other .app file from the new Mac App Store) to your heart's content. Just repeat the steps above.
Warnings Don't steal software. It's a crime. This guide is intended to help you restore backups of apps you've already paid for.
The HP cloud service is now available to the general public. Signing up to use their service is a similar process to creating an AWS (Amazon Web Services) account.
Another cloud provider
HP want to supply the entire cloud space. You can buy a ready-rolled data center in a shipping container, integrate HP software with the private cloud flagship VMware vCloud, and get support through social media.
HP now offer cloud services, with IT Service Management at the SaaS layer, dev and test at the SaaS layer, and computing, storage and CDN at the IaaS layer. HP’s cloud IaaS offering opened up for beta testing in May.
The compute service is similar to what you can get from the reigning champion AWS — there’s an API for programmers and an easy-to-use web-based control panel for normal people. You can run a small instance for free for a while, and there’s all the cloud stuff of self-service, massive scaling, and utility billing.
The technology
HP has bet its cloud future on the success of the OpenStack cloud system. The HP cloud contains open source building blocks from the OpenStack project. The HP guys added all the parts required to turn OpenStack into a money-making service.
The internal workings of the HP cloud aren’t exposed to the general public, so the core technology is irrelevant to customers.
How can you tell if the software hidden away in HP’s data centers is OpenStack, Cloudstack or Eucalyptus?
Will it last?
Longevity is more important to the average customer than the technology used. If you are tying an enterprise to a cloud provider for a few years, you want to do your homework. OpenStack is a young project, and HP are early adopters. If OpenStack doesn’t make it to maturity then a lot of companies will suffer, including HP. HP doesn’t needs a huge amount of revenue from its new service. If the money doesn’t roll in, the project will be canned.
Customers can happily sign up to HP cloud for the long haul. An OpenStack early demise is extremely unlikely — the OpenStack project is backed by the heavyweights of the IT world. The board of directors includes high flyers from Rackspace, Dell, and Cisco. The failure of the new HP Cloud service is also unlikely (let’s just forget about that HP TouchPad fiasco). This company is in the same weight class as IBM, Microsoft, and Google. It can spend huge amounts of time, money and resources learning how to play AWS at its own game.
Sign up for HP Cloud
And why not sign up and poke around the web control panel, to see if you like it? It takes 20 minutes, no cash, and no fancy technology.
This step-by-step procedure gets you to the control panel. These steps don’t guide you through consuming the HPCloud services.
Open a web browser.
Go to the URL https://www.hpcloud.com/. The HPCloud home page appears, with a big GET STARTED NOW button. Any similarity to http://aws.amazon.com/ is pure coincidence.
Marketers responsible for lead generation are all too familiar with some common challenges –getting closed-loop feedback from the sales organization, measuring marketing effectiveness beyond just lead quantity and cost per lead, and building strong alignment with the sales organization. effective lead generation marketing is very much tied to overcoming these challenges to prioritize lead quality over lead quantity.
The research report released in June 2008 showed that companies rating their lead generation marketing as more effective than competitors were three times as likely to report a strength in closed-loop sales tracking and measuring the ROI (return on investment) of their lead generation marketing. More than half of the marketers with more effective lead generation marketing (56%) expect that their sales organizations would rate the quality of leads as positive (top two scores on a 5-point rating scale) compared to just 20% of those with less effective marketing.
Lead quality is critical to managing and improving bottom line performance. In addition to these research findings, basic ROI analytics can be used to make your case to prioritize quality over quantity and guide your decisions to deliver greater performance and profitability. You ultimately need better insight into the two primary dimensions of quality – average profit per sale and average conversion rates from lead to sale. With insight into lead quality and ROI, the marketing team can unlock untapped opportunities with:
Better alignment of the marketing spend to value potential
Improvements to marketing strategy
Better tracking and metrics
Earning buy-in from the sales organization
We’ll run through some basic math first to build the support for acting on the strategy, metrics, and alignment opportunities.
Marketing Investment Levels Aligned to Value Potential
Cost per Lead is a very commonly used marketing metric (used by 34% of B2B lead generation marketers according to our research).
It can be an insightful metric but it is highly dependent on all leads having the same value and conversion potential, which is rarely the case. If your cost per lead goes up but you bring in better quality leads with either higher profit per sale or conversion rates, it will be a worthwhile investment. Marketing effectiveness can be improved with “value-tiered marketing investments” that align marketing spending with the expected returns for better ROI performance.
For example, you may be marketing to a target audience that has an average profit per sale of $4,000 (based on $16,000 revenue * 25% gross margin) and a lead-to-sale conversion rate of 7%. To achieve an ROI of 25% the maximum Cost per Lead is calculated as $224. The calculation is presented below.
Maximum Cost per Lead = ($4,000 / (1 + 25%)) * 7% = $224
But suppose the target audience is made up of three equal-size segments with the following performance patterns:
Segments
Conversion Rate
Profit per Sale
Segment A
6%
$5,000
Segment B
10%
$4,000
Segment C
5%
$3,000
Total (average)
7.0%
$4,000
Segment A has the highest value, while Segment B has a highest conversion rate. It does not make sense to manage our marketing investment using the average Cost per Lead. Instead we run the basic calculation to determine the maximum Cost per Lead per segment.
Segments
Conversion Rate
Profit per Sale
Maximum Cost per Lead
Segment A
6%
$5,000
$240
Segment B
10%
$4,000
$320
Segment C
5%
$3,000
$120
Total (average)
7.0%
$4,000
$224
Now we can see that more marketing can be invested into Segment B based on the higher quality of the lead. In fact our previous marketing to Segment C that averaged $224 Cost per Lead was actually costing more in marketing than the profits returned and therefore hurting the company’s financial performance.
This is a very basic financial analysis which can be replaced with more advanced versions that take into account the sales investment in addition to the marketing investment and multiple stages of conversion rates from initial sales acceptance of leads through the sales pipeline. The other benefit of improving lead quality is that the cost of sales resources will be reduced as the leads unlikely to convert to a sale are removed from the sales pipeline. In the advanced versions of the ROI analysis, this becomes apparent.
Regardless of the level of sophistication, we have at least established the economic view of why lead quality and targeting are important to drive effectiveness, performance, and ROI. Segmentation of targeted prospects based on the two dimensions of lead quality allows you to invest more in high profit-potential segments and reduce spending with low profit-potential segments.
Improvements in Marketing Strategy
There are a number of key areas of marketing strategy that can benefit with better insight into lead quality. The most significant driver of ROI is targeting so improvements here are a top priority. Lead generation marketing can reach a broad audience with many different types of marketing tactics. The goal is to concentrate additional tactics and offers on the top segments of prospects. This is where lead scoring and predictive modeling can be used to set the priorities and establish investment levels based on the conversion probability and value probability.
Better marketing conditioning and nurturing of leads prior to the hand off to the sales team improves conversion rates. Improvements in the effectiveness of this stage of marketing can be assessed using lead-to-sale conversion rates and incremental customer value per sale. Once again, a basic ROI calculation can demonstrate how investing in additional marketing touchpoints prior to handing leads off to sales can generate significant returns from increased revenues.
The focus on narrowing the marketing efforts on fewer but better prospects to deliver higher quality leads always sparks the same question – “but what if the volumes drop too low?” If you apply the ROI analysis shown above and identify the point of diminishing returns – that is the point where the cost per lead is too high to reach your ROI target – it is certainly possible that your total lead quantities will decrease. But when you reach the point where your lead generation marketing will no longer be profitable, quantity will not help. You must then shift your priorities to improving effectiveness with the leads you are already generating. To achieve this effectively, marketing must be working in step with the sales organization to improve conversion rates within the sales pipeline.
Keep in mind that improving conversion rates in the sales pipeline has very high profit potential, even if lead quantity is not an issue. If only 2% to 10% of leads are converting to closed sales, that means 90% to 98% of the leads are leaking out of the funnel, offering plenty of room from performance improvements. Marketing organizations that are restricted to lead generation with a minimal role in supporting the sales pipeline should look closely at the opportunities here to build the case for better alignment and integration.
As part of your overall funnel management and getting the most value from the leads generated, ROI insight tied to lead quality can also support decisions for marketing to nurture rejected or stalled leads.
Better Tracking & Metrics
Marketing ROI is driven by three primary drivers of profitability – incremental customer value (ideally long-term profits), lead-to-purchase conversions rate, and cost per sale. Add “Total Sales Volume” to that list and you have the four most critical metrics for managing performance – keeping the company’s overall financial performance on track and guiding marketing and sales priorities to reach and exceed goals. These same metrics work at the campaign level to prioritize segments for targeting and guide budget allocation, as addressed earlier in this article. Other marketing metrics should align to these core metrics to provide greater depth of insight that can be acted upon. For example, a metric such as Average Value of First-Time Buyers may serve as an early indicator of a likely decline in future revenues if your marketing is now attracting leads from lower value segments.
In order to use better metrics that reflect lead quality, you must have better tracking – in particular the closed-loop feedback from the sales organization that captures the lead outcomes such as sales acceptance, funnel progression, and conversion to closed sale. The ratio of marketing qualified leads (“MQLs,” which represent the leads marketing deems ready to hand over to the sales organization) to sales qualified leads (“SQLs,” which represent the leads sales accepts as qualified for a sales contact) is very important. Marketing can improve this MQL to SQL ratio when provided with feedback to understand the drivers of rejected leads and profiles of the accepted leads.
Additional tracking detail from the sales organization that can support improvements in lead quality includes:
Lead screening reasons (i.e., why MQLs are not accepted as SQLs).
Lead progression rates through key funnel stages to show leakage points.
Average days from lead hand-off to sales contact (reflecting sales capacity and the “freshness” of leads contacted).
Good reporting on leakage reasons (i.e., why they dropped out of the sales pipeline).
Joint win-loss analysis to assess leads lost late in the sales pipeline.
Analyses of closed sales to provide information on both net close rate and incremental customer value (sometimes available through financial systems instead of sales reporting).
Marketing also has to take responsibility for tracking and maintaining quality data for performance analysis. The Demand Generation Case Study showed that access to data under marketing’s control was a weakness yet had a strong correlation to achieving highly effective and efficient marketing. In particular, marketing must maintain detailed tracking of outbound and inbound marketing touchpoints to prospects during the lead generation process. This information is critical to applying more advanced measurements that can properly attribute sales contribution to multiple touchpoints instead of just crediting the most recent lead source.
Earning Sales Buy-In
Simply wishing for, or even requesting, that the sales organization put extra effort into providing tracking information to marketing is not enough. Marketing must make the case that it can and will act on the information provided. As established at the beginning of this article, lead quality benefits the sales organization as well as the financial performance of the company. Leads with higher conversion rates use sales resources more efficiently. And higher conversion rates and higher value per sale both contribute to achieving sales goals.
The B-to-B Lead Generation: Marketing ROI and Performance Evaluation Study found that companies outgrowing their competitors had better alignment between sales and marketing than companies growing slower than competitors as shown in the chart below.
One of the most effective ways that we have found to break down the barriers between marketing and sales is to identify and work with a pilot team within the sales organization. The pilot team is typically a group that sees the potential value of lead quality, or is willing to experiment in order to improve performance. The tracking efforts are done without major investments into systems infrastructure or organization-wide process changes.
The closed-loop information provided back to marketing is then applied to improve lead quality from the initial targeting and tactical investments, to marketing’s lead qualification and contribution to the sales pipeline. A basic ROI analysis is used to run scenarios that indicate the key priorities for where additional marketing support can most effectively lead to incremental sales and profitability. Improving lead generation marketing is a continuous journey, but one that offers significant profit potential.
The Windows Registry is a database of system and application settings, as well as runtime information.
It can be a confusing morass of keys, subkeys, and values, but if you know what you're looking for you can quickly back up and fix almost anything.
Similar to a file explorer, registry values are organized into keys (folders) and subkeys (subfolders), with values (files) having a name and some bit of stored information. Backing up registry values in Windows XP creates \"reg\" files, which can be edited in a text editor and merged into the Registry to re-enable your preferred settings. Instructions Things You'll Need Registry Editor (regedit.exe on Windows XP)Regular backups of registry values before editing.
Manual Editing—Registry Editor 1
Open the Registry Editor from the \"Start\" menu by selecting \"Run...\" and typing \"regedit\" in the popup dialog. 2
Find the registry value in a registry tree (key) that needs to be fixed. For example, the setting for showing \"Recent Documents\" in the Start menu is stored at [HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer] in the registry value \"NoRecentDocsMenu\". 3
Before changing anything in the registry, create a backup of the registry key by right-clicking on the key in the left side of the Registry Editor—in this case, \"Explorer\" is the lowest key -- and select \"Export\". Save the file to your Desktop with a recognizable name, such as \"Explorer Policy—Original.reg\", with the extension \"reg\" telling Windows it is a registry key file. 4
Double-click on the registry value \"NoRecentDocsMenu\" to modify it (right-click to \"Rename\" it). In the popup window, change the \"Value data\" from 0 to 1 to disable \"Recent Docs\" in the Start Menu. Click \"OK\". 5
Changing some registry settings may require a logoff/logon before taking effect, while others may require a computer restart. Try logging off and back on, then check the Start menu to see the effect. Manual Editing—Reg Files 1
Find the backup registry file we created earlier, \"Explorer Policy—Original.reg\". The default double-click action may be to merge the setting with the registry, so right-click and select \"Edit\" to open it in Notepad. 2
The first line of the file tells you what you used to create the registry file, and must be present— \"Windows Registry Editor Version 5.00.\" The registry key we changed appears between square brackets [ ], ending in \"...Policies\\Explorer].\" The registry values are beneath the key, given as \"name\"=type:value. Note that all of the values we saw earlier in the Registry Editor were saved to this file, not just the one we changed. 3
Erase all of the values except the line with \"NoRecentDocsMenu\"=dword:..., and save the file as \"Explorer Policy—Recent Docs.reg\" to your Desktop. This file now has the instructions to find the given registry key (or create it if it doesn't exist) and modify (or create) the registry value with the given data type and value. This will restore the Recent Documents to the Start menu. 4
Right-click on the new registry file and select \"Merge.\" Click \"OK\" to approve changing the registry, and \"OK\" for the popup indicating a successful change. 5
Log off and back on and then check the \"Start\" menu to see the effect. Tips & Warnings
In a registry file, to remove a specific value, put a minus sign after the equals, like \"NoRecentDocsMenu\"=-. To delete the default value of a key, enter @=- on the next line below the key name in brackets. To delete the entire key (and all of its subkeys and values) put the minus directly after the open bracket in the key name, like [-HKEY_CURRENT_USER\\Software...
To \"refresh\" Windows after a registry change, so you may not need to log out and back in, open the Task Manager with \"Ctrl+Alt+Del\" or \"Ctrl+Shift+Esc.\" Select \"explorer.exe\" and click \"End Process.\" After it reloads (the desktop and taskbar may flash), check to see if the new registry settings have taken effect.
If a registry change causes Windows to fail, use the Recovery Console to restore the registry hive backup (.BAK) file, usually saved to the %Windir%\\System32\\config folder.
Many programs create registry keys that remain even if they are uninstalled. A \"bloated\" registry can affect computer performance, since the registry is constantly being scanned for data. Careful use of registry-cleaner software may help, simplifying the manual steps to remove unneeded registry keys.
ALWAYS back up the registry before you edit anything. However, changing something major may prevent you from accessing the registry or even logging in to Windows, so consult appropriate documentation about how keys affect Windows behavior before \"going fishing.\" Creating a System Restore Point before editing may also be a good idea.
Do not double-click registry files—this is usually the default action to merge their contents to the registry. Instead, always right-click registry files to ensure you are choosing the correct action.
You must be logged in as a user with administrative privileges in order to edit the registry.
This weekend I installed the new Visual Studio 2010 on several different machines. I use multiple OS platforms so it’s useful to have Visual Studio installed on machines with different configurations. I had no problems installing on Windows 7 and Windows Vista, but hit a snag on Windows Server 2003 (SP2).
After installing Visual Studio 2010, VS launched fine but when I attempted to create a project, I got the not-so-helpful error message “Error writing the project file. Class not registered”. OK.
I noticed that when I launched VS for the first time I did not get the option to select a settings configuration, such as General Development Settings or Web Development, like I did with the installs on other machines. In the VS 2010 UI, when I went to Tools | Import and Export Settings, the UI dialog had an empty list box where I expected to see a list of files with a .vssettings extension. After searching the Internet for this error message I came across several possible causes. Well to cut to the chase, it turns out that the machine I had installed onto did not have the required MSXML6 parser. A VS settings file is XML-based and evidently needs MSXML6 rather than earlier versions of the parser.
A quick install of that component from Microsoft.com/downloads solved the problem.
