Simple catch-all AWS budgets

We got caught out recently by significantly high usage of AWS CloudWatch, and realised we’d been spending $1000/month more than expected. After tracking down the cause (one of the team had turned on detailed instance monitoring) – I wanted to ensure we had a bit more of a heads up next time. We had budgets set for all the major… Read more “Simple catch-all AWS budgets”

BeyondCorp proxy possibilities on AWS, Google Cloud, Azure

It appears there’s now another tool in the arsenal for those looking at implementing BeyondCorp style security model, with the arrival of OIDC authentication support in AWS’s application load balancer. It adds to a growing list of possiblities, at least for HTTP-based services. Who needs VPN anyway? The options I’m aware of now include: Bitly’s oAuth2 proxy – a simple… Read more “BeyondCorp proxy possibilities on AWS, Google Cloud, Azure”

AppData location when running under System user account

As it took far too much Googling to find this, if you need to access the AppData folder for the System account, go here: C:\Windows\System32\config\systemprofile\AppData\Local C:\Windows\SysWOW64\config\systemprofile\AppData\Local I hit this because we needed to clear the NuGet package cache for a TeamCity build agent which was running as a service under the System account.

Get ASP.NET auth cookie using PowerShell (when using AntiForgeryToken)

At FundApps we run a regular SkipFish scan against our application as one of our tools for monitoring for security vulnerabilities. In order for it to test beyond our login page, we need to provide a valid .ASPXAUTH cookie (you’ve renamed it, right?) to the tool. Because we want to prevent Cross-site request forgeries to our login pages, we’re using… Read more “Get ASP.NET auth cookie using PowerShell (when using AntiForgeryToken)”

Updating Azure Virtual Network to use point-to-site feature

Scott recently announced support for point-to-site VPN connections into Azure – awesome! But what might not be so clear is how to enable it on your existing Virtual Network configuration – because you can’t make changes (at least through the UI) to your virtual network after it has been deployed and is in use. Fortunately, there appears to be a… Read more “Updating Azure Virtual Network to use point-to-site feature”

Configure Visual Studio 2012 to use 64 bit version of IIS Express

By default Visual Studio (as a x86/32bit process) will always launch the 32bit version of IIS Express. If you have components that specifically require running under 64bit, you can can configure Visual Studio 2012 to use IIS Express x64 version by setting the following registry key: reg add HKEY_CURRENT_USER\Software\Microsoft\VisualStudio\11.0\WebProjects /v Use64BitIISExpress /t REG_DWORD /d 1 You should note that this… Read more “Configure Visual Studio 2012 to use 64 bit version of IIS Express”

Cisco VPN Client for Windows 8

There isn’t currently a version of Cisco’s VPN client that supports Windows 8, and after installation I received an error message complaining that the “VPN Client failed to enable virtual adapter.”. Fortunately, there is a way to get this “legacy” VPN client to work, with a small registry change: Open up the registry editor by typing regedit in Run prompt… Read more “Cisco VPN Client for Windows 8”

Debugging Powershell and Psake commands and parameters

Getting commands and parameters in Powershell and Psake can be pretty troublesome at times. The echoargs helper from the PowerShell Community Extensions can be a lifesaver. If, for instance, you are calling msbuild.exe /t:Build /p:SomeTroublesomeParametersHere if you swap msbuild for echoargs (after placing the extensions in C:\Windows\System32\WindowsPowerShell\v1.0\Modules and callingĀ Import-ModuleĀ pscx), then you’ll see the exact parameters being passed to… Read more “Debugging Powershell and Psake commands and parameters”