Thursday, November 09, 2006

October - Smoley.org Hacked, High-Speed Internet, ASP.NET...

It has been way too long since my last post. Rather than wasting unlimited white-space, I'll jump right in...

Smoley.org was hacked by someone in China. I first noticed a call to a non-existent .aspx file on my server while reviewing raw log files. Their first attempt was unsuccessful, but by the next day they had managed to hack their way into my root and upload a trojan horse. I contacted my host and after many emails and poor telephone customer service, the best they could come up with was that a brute-force attack was executed against my FTP credentials. Hmmm....o.k. So despite already using a mixed-case-alhpa-numeric format, the solution is to just go ahead and change my passwords?!? Nice. Oh wait, here's an idea!!! How about setting an authentication failure limit on the server side?!? Perhaps after the first thousand "failed" log-in attempts, a threshold limit is triggered...the offending IP block is banned..an email is sent to the server admin and the user account is temporarily suspended. Needless to say, I'm switching providers. I currently host my domains with Easy-CGI as well as with . So far GoDaddy has been very helpful. Not to mention I can host multiple domains on one account, have more disk space and bandwidth, have an MSSQL database, and pay $4.00/mo less than Easy-Cgi. Enough said!

FINALLY, getting a high-speed connection was the second event that made October interesting. Other than being lazy, I really had no excuse for putting it off...especially considering my employer reimburses my costs. Anyway, life in my new high-speed wireless world has been grand!

The hack against smoley.org triggered my interest in ASP. Consequently, I picked up a book titled, Sams Teach Yourself ASP.NET 2.0 in 24 Hours, Complete Starter Kit (Sams Teach Yourself)by Scott Mitchell. It's a really well written book, but is certainly written for the beginner. Not to imply I knew anything about ASP when I began reading the book, but now that I've developed my skills I feel I've outgrown the book rather quickly. In particular, I felt the book was a little weak with regard to migrating a site from the desktop environment (i.e., local host) to a real-world hosting environment. For example, all of the book's examples use a MSSQL express database that resides nicely within the site's structure. Although I fully understand why Scott presented the exercises this way (and I would have probably done the same), an additional "advanced" chapter would have been very helpful. The second gripe I have, is that the book doesn't do justice to the gridview. Although there are plenty of, "here's how you drag-and-drop a gridview onto the page and change its properties" it offered little help specific to formatting the data in anything other than the standard table view. With that said, the book did serve its purpose and proved to be informative and helpful in teaching me the basics of ASP.NET and Visual Web Developer. However, I am most impressed by Scott, insofar as the dude is only 27 years old and has written something like eight books...unbelievable!!!

"Fear is death's polite way of telling you to RUN!!!" ~ Smoley   11/09/2006