ClamWin and anti-virus comparisons

Feb 10th, 09 / 0 Comments

We just took “delivery” of another dedicated server for a project we were doing and this time used a differnet hosts to the ones we usually use, mainly because for this project we needed cheap. (I’ll post who they were once I have some confidence they are any good!) The install ClamWin free-of-charge, which I had never heard off.

ClamWin bills itself as “open source anti-virus”. For me, anti-virus seems like the sort of thing that *needs* to be commercial because surely you need to pay a team of developers to research and build fixes for new malware. I wasn’t, and am not, immediately sure how you do that on a free model. Googling around for them I came across their Wikipedia article.

At the bottom they provide a link to Virus.gr (http://www.virus.gr/portal/en/), which runs a comparative test of the different products. ClamWin comes in 37th with a 55% detection, which I guess is better than 0%, but still… not good.

What surprised me more was the rest of the list. The Top 10 were:

1. G DATA 2008 version 18.2.7310.844 – 99.05%
2. F-Secure 2008 version 8.00.103 – 98.75%
3. TrustPort version 2.8.0.1835 – 98.06%
4. Kaspersky version 8.0.0.357 – 97.95%
5. eScan version 9.0.742.1 – 97.44%
6. The Shield 2008 – 97.43%
7. AntiVir version 8.1.00.331 Premium – 97.13%
8. Ashampoo version 1.61 – 97.09%
9. Ikarus version 1.0.82 – 96.05%
10. AntiVir version 8.1.00.295 Classic – 95.54%

But, wow, basically what’s the target here? I would say that a 2% miss rate was too high for this problem. Now, most of those I had not heard of, but what really surprised were:

20. McAfee Enterpise version 8.5.0i – 86.57%
23. Norton 2008 – 83.34%

…and Trend, which we use in the office:

33. Trend Micro Antivirus+Antispyware 2008 version 16.10.1079 – 67.28%

…and seeing as Trend have just started nagging me about our yearly subscription being elapsed, goodbye to them. Oddly on our production servers we use Kaspersky, mainly because I found Trend a nightmare to manage and irritating and Kaspersky not so.

The latest Virus.gr tests are here:
http://www.virus.gr/portal/en/content/2008-06%2C-1-21-june. Others can be found from the top navigation. Digging around, Kaspersky has been around the top in previous years.

Makes you think thought, because you assume AV from the big name providers would perform the best…

MBRIT

REST vs Web Services

Feb 5th, 09 / 0 Comments

Most of the projects that we undertake at MBRIT involve integration of some sort between two systems. Whenever I write up the technical proposals for the systems, I’m always faintly embarassed to recommend hooking the two systems together using XML documents submitted over HTTP/HTTPS. It always *feels* like the wrong way of doing it, which I presume is way back in 2001 when .NET was getting started Microsoft pitched it primarily as a way of building Web services. That primal part of my brain that remembers that early history has a reaction that using non-SOAP methods for moving data about in that way is unprofessional.

However, given that almost eight years of water has passed under the bridge, and actually a lot of end-points are very non-SOAPy. I can’t remember the last time I came across a non-Windows end-point that uses SOAP. Most of them use what I have recently discovered is called a REST interface – i.e. post a document over HTTP/HTTPS.

I also happened across this article with Tim O’Reilly on Web services cf. REST. Worth a read… http://www.theregister.co.uk/2006/04/29/oreilly_amazon/.

MBRIT

Three more DN247 network sites

Jan 29th, 09 / 0 Comments

I’m pleased to announce that we have launched three more DN247 sites with the same “special sauce” that goes into .NET 247. (Which, honestly, I cannot believe is coming up to its eighth birthday!)

We have EHLO Exchange (http://www.ehloexchange.com/) and SQL Server Wins (http://www.sqlserverwins.com/) which are dedicated to Exchange Server and SQL Server. We also have Old Skool Developer (http://www.oldskooldeveloper.com/) that is basically everything that is not Office VBA-type stuff and not .NET-type stuff – essentially all the stuff that you either need to do legacy code or all the stuff you need to do weird and wonderful things on Windows.

Enjoy!

.NET 247

Random thought – what’s the word…

Jan 29th, 09 / 0 Comments

So, I think there should be a word for the feeling you get when your iPod plays songs that you think are *excellent* one after another, after another.

I personally would like this word to be a German sound, something like schadenfreude, but obviously not that as that’s more to do with how you feel when someone’s iPod is playing bad song, after bad song, after bad song…

Anyone got any ideas?!

Random

Fiddler saves my life once again

Jan 22nd, 09 / 0 Comments

So there I am, gone midnight, trying to fix a showstopper bug for a customer dem tomorrow.

What comes to my rescue *again*, Fiddler – http://www.fiddlertool.com/fiddler/.

If I had to pick the best developer tool out there, I would absolutely pick Fiddler as my number one choice.

MBRIT

The .NET Framework is *very* big

Jan 18th, 09 / 0 Comments

I have uploaded an update of the metadata model for the .NET Framework to .NET 247. This goes all the way (finally!!!) up to .NET 3.5, and includes WCF, WPF and so on.

When I started .NET 247, .NET 1.0 was on the scene. At the time this had, from memory, something like 3,500 public types and about 70,000 public members. (Originally, .NET 247 was only bothered about public types and members, but now .NET 247 has the private types and members too. Over the years I have often found the weirdest problems to be rooted in the private parts of the Framework.)

If you now take *all* of .NET, you have something like…

14,797 public types (22,249 in total)

1,484,013 members. *ONE AND A HALF MILLION*. (An average of 66 members per type.)

623,285 of those members are public.

That is *astonishing*. I knew .NET was big and complicated, but *wow*. Seeing as the average person knows between 30,000 and 40,000 words, that would mean that anyone who could identify all 15,000 .NET public types has got a vocabulary that is 27% .NET.

.NET 247

CAPTCHA components

Jan 13th, 09 / 0 Comments

Back in 2004, I implemented CAPTCHA checking on .NET 247. At the time I used as component called FormGuard from a company called Xheo (http://www.xheo.com/). In the intervening years, Xheo have stopped supporting this component, so I looked elsewhere.

In the end I found a link to a free component punted by a gentleman called Peter Kellner (http://peterkellner.net/2006/08/20/the-ultimate-captcha-custom-server-control/). Didn’t take long to get it working on the site and was a quick and easy solution.

One thing that was interesting during this process though is that if you Google for “captcha”, one of the links that comes up is from a company called “decaptcha”. They offer a service where they will defeat 1,000 CAPTCHA checks for you for $2. Minimum buy is $8. So – OK, I am an IT professional with a certain reputation to keep, but good grief, I presume this is one of these services where they pay a bunch of people in a room to read and defeat CAPTCHAs all day. What I found amazing about this is that Google are quite happy to allow them to advertise on their network…

And then on the subject of CAPTCHA, I love “reCAPTCHA” (http://recaptcha.net/learnmore.html), which is a service whereby in situations where people who are trying to digitise old books come across words that they cannot OCR, they farm out the text to people filling out CAPTCHAs – which sounds lovely in that your users end up contributing to community projects to scan old books.

.NET 247

25 most dangerous programming errors – SANS

Jan 13th, 09 / 0 Comments

The SANS Institute has released a list of the 25 most dangerous programming errors – here: http://www.sans.org/top25errors/.

What’s interesting about the way they have produced this list is that they are not pitching it as “these are bad, so don’t do them” rather they are pitching it as being a helpful list from four perspectives. The first perspective they pitch is that it gives customers of software intelligence about how to select software that is likely to be more robust. Personally, I think this is quite an interesting way of looking at the problem as I sit on both sides – i.e. I’m generally interested in how people build software, but I am also interested in how people buy and sell software as that’s my day job.

The other perspectives are more classical – i.e. help developers build better software, but also help people coming into the industry know how to build better software from the get-go.

MBRIT

.NET 247 is (sort of) back

Jan 9th, 09 / 0 Comments

Those of you who missed it .NET 247 (http://www.dotnet247.com/) is more-or-less back online.

It is slightly sickly at the momet, and the content has not been updated in a *long* time, but here’s to hoping that what was once one of the top-rated .NET developer resources is back for good.

.NET 247

Building a DNS server

Jan 9th, 09 / 0 Comments

In my time as software developer, I have ended up building a lot of strange esoteric applications, but a requirement received from a customer meant I spent some time last night building a DNS server.

The requirement from the customer was that they operate two servers, and each of their customers (”end-customer”) is “homed” to exactly one server. From time-to-time they need to move a customer from Server A to Server B. At the moment each end-customer connects to a URL like http://servera.foo.com/application/customera/default.aspx. The problem is that should an end-customer need to move to a new server they have to change the configuration in an application running on the customer’s site. This can almost certainly never be done in a hurry – sometimes it can take weeks.

The requirement from our customer was that the application installed on the end-customer’s computer would call into a Web service which would return the IP of the server to connect to, update the local configuration and away you go. Basically the “switching” server would always stay in one place.

And as I was thinking about that I thought that there was already an established technology that takes a name and turns it into an IP… DNS. This would mean that customers could configure themselves as http://customera.foo.com/application/customera.aspx and obviously the physical location of customera.foo.com would be transparent and could change. This approach removes the need for any weird or complex code and allows the right protocol to do the heavy lifting.

Not knowing off the top of my head any DNS servers that allowed queries to come out of a database, I wondered how hard it would be to build one. The answer was “not hard to do, but hard to come across the information required”. RFC1035 was *eventually* discovered offered the required information and I was somewhat blown away by the fact this RFC is 22 years old. I started by building a DNS client that would do “A” lookups against our in-house Microsoft DNS. Once I broke the back of building the client, a DNS server that only answered “A” queries for a known domain was relatively straightforward.

That said, driving back home it did occur that running BIND and creating a utility that dumped a new configuration file periodically would probably be a more robust, production-ready solution! But at least I got to build something I had never build before…

MBRIT