I was contacted by a Public Relations individual from uCertify who requested me to review their product.  This was quite some time ago, and since I had never used their product before, decided to test their test preparation software out in addition to others.  This short review will not mention other applications, suites or books for the preparation for this exam, only the uCertify application.

The first thing you’ll notice when you download the program, is that they offer a few things.  First, there’s 100% money back guarantee that you’ll pass the test on the first try.  That’s enticing and speaks volumes on their product.  Unfortunately, the money back guarantee is on the ~$70 you spent on the program, and not the $150+ on the exam, but alas, something is better than nothing.  At the very least, you can use that money and try again on the exam (or buy a different prep book).

Second, they offer 2 flavors of their software: a full and free (demo) version.   The demo version has a few questions, enough to give you an idea of what’s going on, but not enough for you to do anything with (ie. pass the test, study from, etc).

Lastly, I like the fact that they give you directions on how to download and install the application.  That’s very thoughtful for users who may not be highly technical but want to be, and are therefore attempting to get certified in a particular technology (this is becoming more and more common, even though the certification is supposed to be taken after experience has been attained in the work place, to validate your skills).

So let’s run the application.

As a software developer myself, I have to say that I like the initial interface a lot.  Everything is very well place and easy to navigate.  The demo version only has a Diagnostic Test (15 questions), Create a Custom Test and Create a Fixed Time Test available to you in the main navigation section.  The “Enhance your understanding” section on the right hand side has all of the items available, which are basically extras to give you an ‘edge’.  It’s mostly general information, some tips, and other resources you can find on the internet.  You don’t need this section, but it’s nice to have everything in one place anyway.

uCertify has their advertisements all over the place “Buy the full version”, which makes me laugh.  That’s what they’re supposed to do, and they do a pretty good job in keeping it in your face as you go through the demo.

Diagnostic Test:

I ran it with 10 total questions, 10 minute duration and a passing score of 730.  I also selected the “Always show last answer option as ‘None of the above’” which I believe to be crucial in getting you to think critically.  Why?  Because everyone will default themselves to “the answer must not be here” if they can’t figure it out or come up with an answer based on incorrect assumptions.  Since it’s there all the time, and you won’t know when it’s a valid option, you’ll definitely think twice before choosing it.  In my courses, I always have this option available to students.

Well, the first thing I noticed while taking the Diagnostic Quiz is that my settings didn’t stick.  I noticed at the bottom that I was on question 10 of 15 (I said a max of 10) and that the “Always show ‘none of the above’” wasn’t being shown on all questions.  Maybe this is reduced functionality for the demo, but it would have been nice to see that stated.

I found the questions a bit vague.  They’re not meant to confuse you, but require a good understanding of the underlying topic for you to know what they’re referring to.  The application does assist you with some background information and explanation, but I don’t believe it to be enough for a full understanding of the topics, but again, they are quite helpful.

The results page is fairly straight forward.  A little hard to read, maybe alternating row colors would have been nicer on the eyes.  Anyway, it tells you what you did right and wrong.  Clicking on the question will take you to the page of that question, with the answer you gave and why you were right or wrong, along with those ‘Facts’ that help you solidify your understanding.

I really like the Readiness report, which gives you a summary on how you’ve done on all the exams (there are 5 practice tests, a final test, and a diagnostic test – 423 questions in total).  They also provide an adaptive test, but that functionality is not available, so I cannot comment on it.

All in all, I believe this to be a good product.  It’s obvious the uCertify is trying to get you to pass the test, as they provide you with several ways of doing so.  If I were going to use this product, I would read a book prior to build a decent foundation, and then polish my skills and knowledge off with this application and its exams.  If you did that, you would have taken 7 tests in the uCertify application, and an additional 1 or 2 in the Microsoft book, for a total of 8 or 9.  You would iterate through the content and examinations enough to know what you have to study and understand better, and know where your strengths are.

If you used the approach above, it would cost you about $100 (Microsoft Self-Paced Certification Books – really the only books available for MCTS-ASP.NET) and $60 for the uCertify application.  That’s $160 in prep (and maybe 1 – 3 months) and then the cost of the exam, which is about $200 or so (don’t quote me on that).  When you buy the Microsoft books, you get a voucher for a discount on the actual exam, so that helps. I believe it to be worth it.

The feedback from the exams is that you need to really memorize the book’s content and have lots of coding experience (more project experience than just slapping code together).  In that respect, an application such as this one will really help you with that, as they ask you real-world type questions.  The link below is to a site of a gentlemen who gives his experience from taking the exam: here

Rating of the Application:

Visual Appeal: 8
Question Difficulty: 8
Extra Content to Help (ie. Tips): 10
Number of Questions / Exams: 9
Reporting: 9
Exam Preparedness: 8.5
Overall: 8.75

I would say this system will help anyone pass the exam, as long as they have the knowledge.  I would / will use this system in the future.

Take a look for yourself: http://www.ucertify.com/exams/Microsoft/70-536-VB.html

You can receive a 10% discount on any certification course you wish to attend using the code STEVEH.  Thank you to Roger and uCertify for their generosity.

Computerworld (07/23/08) Gaudin, Sharon

As Intel reaches its 40th anniversary, a top company executive looks forward 40 years to the point when human intelligence and machine intelligence starts to merge. Intel CTO Justin Rattner says that perhaps as early as 2012 we will start to see the lines between human and machine intelligence blur, with nanoscale chips or machines moving through our bodies to fix damage organs or unclog arteries. Rattner also says virtual worlds will become increasingly realistic, and robots will develop enough intelligence and human characteristics that they will become companions. Most aspects of our lives will be rather different as we approach the year 2050, with computing becoming less about running applications and more about living lives in which computers are inextricably woven into daily activities. “The intelligent systems will move from being information systems to intelligent systems that will carry out a whole variety of tasks that we just won’t think of as computing tasks,” says Rattner. “The technology will find its way into so many things we do, and we won’t even think about it. The explicit way we’ve done computing in the past will be there, but it will be a very small subset of what we’ll be doing.” Chip advancements will continue throughout the semiconductor industry, though computer chips will extend beyond computers and phones as people seek to become more connected in virtual worlds and computers learn to react to our motions and thoughts.

By ROBERT McMILLAN, IDG News Service\San Francisco Bureau, IDG

Published: July 24, 2008

Hackers have released software that exploits a recently disclosed flaw in the Domain Name System (DNS) software used to route messages between computers on the Internet.

The attack code was released Wednesday by developers of the Metasploit hacking toolkit.

Internet security experts warn that this code may give criminals a way to launch virtually undetectable phishing attacks against Internet users whose service providers have not installed the latest DNS server patches.

Attackers could also use the code to silently redirect users to fake software update servers in order to install malicious software on their computers, said Zulfikar Ramizan, a technical director with security vendor Symantec. “What makes this whole thing really scary is that from an end-user perspective they may not notice anything,” he said.

The bug was first disclosed by IOActive researcher Dan Kaminsky earlier this month, but technical details of the flaw were leaked onto the Internet earlier this week, making the Metasploit code possible. Kaminsky had worked for several months with major providers of DNS software such as Microsoft, Cisco and the Internet Systems Consortium (ISC) to develop a fix for the problem. The corporate users and Internet service providers who are the major users of DNS servers have had since July 8 to patch the flaw, but many have not yet installed the fix on all DNS servers.

The attack is a variation on what’s known as a cache poisoning attack. It has to do with the way DNS clients and servers obtain information from other DNS servers on the Internet. When the DNS software does not know the numerical IP (Internet Protocol) address of a computer, it asks another DNS server for this information. With cache poisoning, the attacker tricks the DNS software into believing that legitimate domains, such as idg.com, map to malicious IP addresses.

In Kaminsky’s attack a cache poisoning attempt also includes what is known as “Additional Resource Record” data. By adding this data, the attack becomes much more powerful, security experts say.

An attacker could launch such an attack against an ISP’s (Internet Service Provider) domain name servers and then redirect them to malicious servers. By poisoning the domain name record for www.citibank.com, for example, the attackers could redirect the ISP’s users to a malicious phishing server every time they tried to visit the banking site with their Web browser.

On Monday, security company Matasano accidentally posted details of the flaw on its Web site. Matasano quickly removed the post and apologized for its mistake, but it was too late. Details of the flaw soon spread around the Internet.

Although a software fix is now available for most users of DNS software, it can take time for these updates to work their way through the testing process and actually get installed on the network.

“Most people have not patched yet,” said ISC President Paul Vixie in an e-mail interview earlier this week. “That’s a gigantic problem for the world.”

Metasploit’s code looks “very real,” and uses techniques that were not previously documented said Amit Klein, chief technology officer with Trusteer.

It will probably be used in attacks, he predicted. “Now that the exploit is out there, combined with the fact that not all DNS servers were upgraded… attackers should be able to poison the cache of some ISPs,” he wrote in an e-mail interview. “The thing is we may never know about such attacks, if the attackers… work carefully and cover their tracks properly.”

Copyright 2008 IDG News Service. All Rights Reserved.

The AFP (7/17) reports that the “Organization for Economic Cooperation and Development (OECD) in a study published Wednesday found that costly public support for biofuel production has but a limited impact on reducing greenhouse gas emissions and on improving energy security.” Meanwhile, “development of the biofuel sector ‘will contribute to higher food prices over the medium term and to food insecurity for the most vulnerable populations in developing countries,’” the report found.

        According to Bloomberg (7/16, van Loon), the report noted that the “U.S., Canada, and the European Union” combined for $11 billion “in annual subsidies for plant-derived fuels.” Stefan Tangermann, OECD director for trade and agriculture, said that the “greenhouse gas released by cars, trucks, airplanes, and ships ‘at best’ will decline 0.8 percent by 2015 in those regions with the help of aid programs.” The study found that in the U.S., ethanol produced from corn “reduces emissions by between 10 percent and 30 percent, compared with burning gasoline to drive the same distance.” Instead, nations “should focus on reducing fuel consumption for vehicles and end import taxes on ethanol from Brazil,” the OECD argued. In addition, the OECD said that “[e]xisting policies mean that as much as 14 percent of the crop land in the EU, the U.S., and Canada will be used to grow plants for biofuels by 2017 from about eight percent last year.” This “could push prices for some crops up by 19 percent by 2015.”

Google has been developing a new algorithm for indexing textual content in Flash files of all kinds, from Flash menus, buttons and banners, to self-contained Flash websites. Recently, we’ve improved the performance of this Flash indexing algorithm by integrating Adobe’s Flash Player technology.

In the past, web designers faced challenges if they chose to develop a site in Flash because the content they included was not indexable by search engines. They needed to make extra effort to ensure that their content was also presented in another way that search engines could find.

Now that we’ve launched our Flash indexing algorithm, web designers can expect improved visibility of their published Flash content, and you can expect to see better search results and snippets. There’s more info on the Webmaster Central blog

about the Searchable SWF integration. ___________

AWESOME!  This just reduced the amount of work that multimedia web designers and developers by at least half!  Thanks GOOGLE!

This post provides a summary of performance tuning options for a Windows Server 2003 file server. Included is information on NTFS, lanmanserver, NIC, Disk and HBA performance tuning options. None should be used in a production environment without testing. Note that the Microsoft excerpts come from a 2008 performance tuning document, after verifying that the options are supported on 2003.

General Performance Settings

Disable 8.3 name creation

HKLM\System\CurrentControlSet\Control\FileSystem\NtfsDisable8dot3NameCreation

Excerpt from Microsoft on this option:

The default is 0. This parameter determines whether NTFS generates a short name
in the 8.3 (MS DOS®) naming convention for long file names and for file names
that contain characters from the extended character set. If the value of this
entry is 0, files can have two names: the name that the user specifies and the
short name that NTFS generates. If the user-specified name conforms to the 8.3
naming convention, NTFS does not generate a short name.

Changing this value does not change the contents of a file, but it avoids the short-name attribute
creation for the file, also changing the way NTFS displays and manages the file.
For most file servers, the recommended setting is 1.

Note that when accessing files that go beyond the 260 MAX_PATH length, short filenames can be a very useful method of accessing these files.

Ignore Write Flush Commands from Clients

HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters\TreatHostAsStableStorage
Excerpt from Microsoft on this option:

The default is 0. This parameter disables the processing of write flush commands
from clients. If the value of this entry is 1, the server performance and client
latency for power-protected servers can improve. Workloads similar to the
NetBench file server benchmark benefit from this behavior.

Network tuning

NIC Offloading

Newer NICs have offloading capabilities, allowing the Operating System to offload one or more tasks to the network adapter. For example, Broadcom BCM5708S NetXtreme II adapters have the following offload capability enabled:
• IPv4 Checksum offload – Calculation and validation of checksums on TX/RX of TCP and UDP packets
• IPv4 Large Send offload – Offload the segmentation of large packets to the hardware

TcpWindowSize

HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpWindowSize

Windows Server 2003 auto-tunes this setting, and benefits to manually choosing a window size are acknowledged in high-latency networks.

NumTcbTablePartitions

HKLM\system\CurrentControlSet\Services\Tcpip\Parameters\NumTcbTablePartitions

Increasing this number from the default of 1 can decrease contention in the TCP/IP stack. Microsoft warns of modifying this setting without significant testing, with a recommended maximum of the number of processors in the system.

MaxFreeTcbs and MaxHashTableSize

HKLM\system\CurrentControlSet\Services\Tcpip\Parameters\MaxFreeTcbs
HKLM\system\CurrentControlSet\Services\Tcpip\Parameters\MaxHashTableSize

MaxFreeTcbs can be adjusted manually to set the maximum number of TCP control blocks the system creates. This number determines the simultaneous number of connections the server can handle. If MaxFreeTcbs is changed, MaxHashTableSize should also be modified, dictating the size of the hash table that stores the control blocks.

Disk Tuning

LargeSystemCache and LanManServer file system caching

The amount of memory allocated to file system caching can help to increase the disk cache hits for a file server. In Windows Server 2003 this setting is enabled by default, although a casual glance of the system working set and the lanmanserver service working set do not show a large amount of the available physical memory for cache.

Windows 2003 also has logical block caching in addition to caching at the file system level. Further information could not be found on configuring or measuring the performance of logical block level caching.

The file cache is part of the system working set, which is protected from excessive trimming when the LargesystemCache option is usedThe lanmanserver service working set must also be protect in some way, part of services.exe (use tasklist /svc).

CacheSet from sysinternals can be used to modify the system working set size

Excerpt from Microsoft TechNet:

The Memory object performance counter System Cache Resident Bytes reports the amount of real memory currently in use by the file cache. As the number of System Cache Resident Bytes increases, we normally expect that the various measures of hit ratio will also increase. Moreover, the cache size can grow simply as a function of the size of the files that are currently in use and their pattern of access.

The Cache Resident Bytes counter reports the amount of real memory the file cache is currently occupying. The Cache Bytes counter, which sounds like it might tell you the size of the cache, actually reports the full system working
set, which includes Cache Resident Bytes and several other real memory areas. In a Windows 2000 file server (remembering Windows 2000′s heritage as the follow-on to the joint IBM/ Microsoft-developed OS2 LAN Manager), the file cache so dominates the system working set that internal documentation frequently refers to the entire system working set as the cache. This usage carries over to tools like Task Manager, which labels the system working set as the System Cache in the Performance tab, illustrated in Figure 7-2. The Windows NT version of Task Manager called this field File Cache, which is probably just as misleading. Curiously, the number of bytes in the System Cache reported by Task Manager does
not correspond exactly to the Cache Bytes counter in the System Monitor.

Disk Alignment

Using disk alignment to realign partitions can occasionally decrease the number of disk I/O operations. This occurs because the MBR is on the first 63 sectors of a disk, and the first partition starts on the 64th sector instead of the 65th sector – the beginning of the next boundary. This is vendor and disk specific, and does not apply to every disk.

Excerpt from Microsoft TechNet:

Microsoft Windows 2000 Server has an internal structure known as the master boot
record (MBR) that limits the maximum number of hidden sectors to 63. This
characteristic of the MBR causes the default starting sector for disks that
report more than 63 sectors per track to be the 64th sector. Therefore, when
programs transfer data to or from disks that have more than 63 sectors per
track, misalignment can occur at the track level, with allocations starting at a
sector other than the starting sector. This misalignment can defeat system
optimizations of I/O operations that are designed to avoid crossing track
boundaries.

Diskpar.exe is a command-line tool from the Windows 2000
Server Resource Kit that can explicitly set the starting offset in the MBR. By
doing this, the track is aligned with the physical disk partition, which results
in an improvement in disk performance. Exchange writes four kilobytes to the
database and up to 32 kilobytes for the streaming data. Therefore, make sure
that you set the starting offset to be a multiple of four kilobytes.

Write-caching option on each disk

Excerpt from Microsoft on this option:

Enabling write caching allows writes to be completed immediately after being
cached in the storage subsystem. Note that with this action a period of time
passes during which a power failure or other catastrophic event could result in
a loss of the data. However, this period is typically fairly short because write
caches in the storage subsystem are usually flushed during any period of idle
activity. Alternately, you can use time-outs at the cache level to force dirty
data out of the cache even if other active requests exist.

This option is enabled by default on all SAN-attached storage

‘Advanced Performance’ option on each disk.

Excerpt from Microsoft on this option:

The advanced performance option strips all write-through flags from disk
requests and also removes all flush-cache commands. The assumption is that if
you have power protection on your I/O path you don’t need to worry about those
two pieces of functionality; by definition, any written data is safe and
“in-order” after it is copied into power-protected storage subsystem hardware,
just as if it had been written to the physical disk media.

This option is disabled by default on all SAN-attached storage.

Emulex Lightpulse scatter/gather list elements

“HKLM\System\CurrentControlSet\Services\lp6nds35″

Add (if not already present) the following Keys under lpxnds

Parameters->Device (Parameters apply to ALL LPxxx adapters)
or
->Devicen (Parameters apply to LPxxx adapter number ‘n’ 0-99)

Under Device or Devicen add a value of “MaximumSGList” Type REG_DWORD,
with a value of from 13 to 255 (decimal). Microsoft specifies to use
this value sparingly, as these request entries come from Non-Page-Pool.

Emulex Lightpulse asynchronous requests

“HKLM\System\CurrentControlSet\Services\lp6nds35″

Add (if not already present) the following Keys under lpxnds

Parameters->Device (Parameters apply to ALL LPxxx adapters)
or
->Devicen (Parameters apply to LPxxx adapter number ‘n’ 0-99)

Under Device or Devicen add a value of “NumberOfRequests” Type REG_DWORD,
with a value of from 16 to 256 (decimal). Microsoft specifies to use
this value sparingly, as these request entries come from Non-Page-Pool
(this is especially true with the ALPHA systems).

References:

Windows Server 2008 performance tuning
http://download.microsoft.com/download/9/c/5/9c5b2167-8017-4bae-9fde-d599bac8184a/Perf-tun-srv.docx

How To Improve Windows 2003 File Server Performance
http://support.microsoft.com/kb/555041

CacheSet
http://technet.microsoft.com/en-au/sysinternals/bb897561.aspx

How to Configure the Storage Subsystem
http://technet.microsoft.com/en-us/library/bb643100.aspx

Examining and Tuning Disk Performance
http://www.microsoft.com/technet/prodtechnol/Windows2000Pro/reskit/part6/proch30.mspx?mfr=true

Aligning Disk Partitions by Using Diskpar.exe
http://technet.microsoft.com/en-us/library/bb643097.aspx

PagedPoolSize
http://technet2.microsoft.com/windowsserver/en/library/b1bda681-28b0-4339-a4ea-feb0fd9ff0c01033.mspx?mfr=true

Optimizing Your Memory Configuration
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/core/fnec_evl_fhcj.mspx?mfr=true

About Cache Manager in Windows Server 2003
http://support.microsoft.com/kb/837331

MaxPagedMemoryUsage for the server sevice
http://technet2.microsoft.com/WindowsServer/en/Library/357c7af1-7a0b-47a5-8af1-ff44756c498a1033.mspx

MaxPagedMemoryUsage for the server sevice
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/regentry/58636.mspx?mfr=true

LargeSystemCache
http://technet2.microsoft.com/WindowsServer/en/library/efa621bd-a031-4461-9e72-59197a7507b61033.mspx

Optimizing Your Memory Configuration
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/core/fnec_evl_fhcj.mspx?mfr=true

File Cache Performance and Tuning
http://technet.microsoft.com/en-us/library/bb742613.aspx

Cluster resource command-line operation
http://technet2.microsoft.com/windowsserver/en/library/f6b35982-b355-4b55-8d7f-33127ded5d371033.mspx

File Cache Performance and Tuning
http://technet.microsoft.com/en-us/library/bb742613.aspx

About Cache Manager in Windows Server 2003
http://support.microsoft.com/kb/837331

How to Configure the Storage Subsystem
http://technet.microsoft.com/en-us/library/bb643100.aspx

Why should you use Diskpar
http://msexchangeteam.com/archive/2005/08/10/408950.aspx

Emulex Lightpulse HBA device settings
http://contents.driverguide.com/content.php?id=106500&path=README.TXT

I have been an IT consultant for the past 5 years and in the industry for almost 10. My experience is vast and covers both hardware and software aspects of corporate and personal IT needs (click here for professional experience). My company, The Tech Guy, offers an extensive list of services, ranging from Web Development and Design, to emergency Data Recovery, network and system support, etc.

Below is concise list of the services we currently offer. If there’s something you need that is not on the list, please contact me (contact me anyway!) so that we can talk about it. Our services are affordable (cheap but of high quality) and we make a huge effort to fit in any budget.

Services:

• Web Development
• Application Programming
• Application Support
• Application updates and upgrading (Web and System level software)
• Software Installations
• Web Design
• Web Layouts
• Web Design: FLASH
• Web Design: Dynamic and static sites
• eCommerce – Shopping cart front and back-ends
• Club and Organization websites
• Affordable Non-Profit websites
• Network Support
• Network Installation
• Network Upgrade
• Network Device Installation and Support
• Computer Maintenance
• Computer Upgrade
• Computer Installation
• Computer Repair
• Data Recovery
• Hard Drive Failure: File and Data Recovery
• Hard Drive Format: File and Data Recovery
• Emergency Computer and Network Services
• Remote Support (anywhere in the world!)
• Virus Removal
• Spyware Removal
• Adware Removal
• Trojan and other Malware Removal
• Software Sales
• Hardware Sales
• New and Used equipment sales and installation
• Repair and Maintenance plans
• Full IT Outsourcing (We can be your IT department at less than 25% of the cost!)
• Blog Website Installations
• Joomla Websites
• Joomla Design
• Joomla Custom Applications
• Website Hosting
• Website Maintenance and Updating
• Image and Multimedia Editing
• Image Manipulation
• Digital Archiving
• Flyer Design
• Event Poster Design and Printing
• Flyer Printing
• Business Cards (Affordable!) Design
• Business Card Printing
• Pamphlet and Booklet Design and Printing
• Car Magnet Printing and Design
• Photography Services
• Business Services
• Marketing Services
• Full marketing campaign management
• Google Ads
• Yahoo Ads
• Microsoft Live Ads
• Search Engine Ads
• Search Engine Optimization (SEO) for new and existing sites
• Reporting and progress reports

All services provided by The Tech Guy, Changing the way you see IT, and are offered to Individuals and Business alike.

Where is ASP.NET 3.5 on IIS ?

Most people on installing .NET 3.5 on the server “expect” an entry for  v3.5 under the ASP.NET version Tab in IIS manager. And not finding that entry start panicking. If you have been one of those read on. The more tech savvy folks try to run aspnet_regiis -i from the v3.5 framework folder… but even that is missing

That brings us to the question

What exactly is ASP.NET 3.5 ?

Take a look at the v3.5 framework folder you will not find most of the files needed for ASP.NET to run like aspnet_isapi.dll / aspnet_filter.dll / aspnet_regiis.exe / aspnet_regsql.exe…

The reason being .NET 3.5 is not a stand alone framework like v2.0 or v1.1 . It is just an extension of the 2.0 framework. The extension provides developers with new language features like Anonymous Types, Extension Methods, Lambda Expressions and of course LINQ …. and AJAX is now integrated … also you have a few new ASP.NET controls <asp:ListView>, <asp:LinqDataSource>, <asp:DataPager>

Will I get ASP.NET version 3.5 under the ASP.NET tab in IIS 6.0 ?

Nope. Because as far as IIS is concerned nothing has changed. The aspnet_isapi.dll from the version 2.0 folder will still handle the requests and there is no new ISAPI dll specific to version 3.5. So you don’t have to change any Script Mappings in IIS …just leave the web application pointing to v2.0 under the ASP.NET Tab. And this brings us to the next question

What exactly is the extension ?

For that if you have Visual Studio 2008 go ahead and create a Website targeting the .NET 3.5 framework. Then go to the Property Pages of the Website and select References. You will find an entry like this

And those four assembly references provide the new features of v3.5.  Here is a 10,000 ft view of the functionality implemented in these assemblies

System.Core – Provides namespaces like System.Linq, System.IO

System.Data.DataSetExtensions – LINQ to DataSet

System.Web.Extensions – AJAX

System.Xml.Linq – New XML API.. supports LINQ to XML

Do I have to configure anything manually ?

No. When you install the .NET 3.5 redistributable on the server it installs these assemblies in the GAC. And any website that refers to these assemblies can fetch them from the GAC so you do not have to configure anything manually. All you need to do is publish the content to a web application that is marked with ASP.NET v2.0

And now you should be thinking

The new language features should require a new compiler. How exactly is the new compiler used ?

The answer is your web.config file. When you create an ASP.NET 3.5 website in Visual Studio 2008 an entry is made in the web.config something like

<system.codedom>
  <compilers>
    <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4"
              type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
      <providerOption name="CompilerVersion" value="v3.5"/>
      <providerOption name="WarnAsError" value="false"/>
    </compiler>

The new features do require a new compiler to be used and the web.config tells .NET that the v3.5 compiler has to be used.

What about IIS 7.0 ?

IIS 7.0 is no different.

Windws XP SP2 introduces a few new twists to TCP/IP in order to babysit users and “reduce the threat” of worms spreading fast without control. In one such attempt, the devs seem to have limited the number of possible TCP connection attempts per second to 10 (from unlimited in SP1). This argumentative feature can possibly affect server and P2P programs that need to open many outbound connections at the same time.Rant: The forward thinking of Microsoft developers here is that you can only infect 10 new systems per second via TCP/IP ?!?… If you also consider that each of those infected computers will infect 10 others at the same rate:
second 1:  1+10 computers
second 2: 10+10*10 computers (110 new ones)
second 3: 10+100*10 computers ( 1110 new ones)
second 4: 10+1000*10 computers (11110 new ones)
….
all the way to 10*60 + 10^60 computers in a single minute (that’s a number with 60 digits, or it would far exceed Earth’s population). Even if we consider that 90% of those computers are unreachable/protected, one would still reach ALL of them within a minute.

In other words, even though it is not going to stop worm spreading, it’s going to delay it a few seconds, limit possible network congestion a bit, and limit the use of your PC to 10 connection attempts per second in the process ! I have no problem with the new default setting limiting outbound connection attempts. Still, users should have the option to easily disable or change this setting. I might be going out on a limb here, but ever since the introduction of Windows XP I can’t help thinking that I dislike all the bult-in Windows “wisardry” in a sense that the system also limits user access. That irritating trend to ease the mental load on end users is somewhat insulting, considering that Windows is to make the more “intelligent” choice instead of the end user, as well as limit their access to tuning such settings…
End of rant.

With the new implementation, if a P2P or some other network program attempts to connect to 100 sites at once, it would only be able to connect to 10 per second, so it would take it 10 seconds to reach all 100. In addition, even though the setting was registry editable in XP SP1, it is now only possible to edit by changing it directly in the system file tcpip.sys. To make matters worse, that file is in use, so you also need to be in Safe mode in order to edit it.

You only need to worry about the number of connection attempts per second if you have noticed a slowdown in network programs requiring a number of connections opened at once. You can check if you’re hitting this limit from the Event Viewer, under System – look for TCP/IP Warnings saying: “TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts”. Keep in mind this is a cap only on incomplete outbound connect attempts per second, not total connections. Still, running servers and P2P programs can definitely be affected by this new limitation. Use the fix as you see fit.

To change or remove the limit, you can use the following program:

Event ID 4226 Patcher – Windows XP SP2 – A patching program for removing or changing the limit imposed on connection attempts in SP2. The patcher has the ability to restore tcpip.sys back to the original… Still, you might want to back up tcpip.sys, use it at your own risk. The author of this patch can be reached @ http://www.lvllord.de/

Should I stay or should I go … with Visual Studio 2005 or 2008 is the question in this particular case. One of my customers is still on Visual Studio 2003 and they are wondering whether to upgrade to VS 2005 or to VS 2008.

Are there reasons for moving to VS 2005 instead of 2008 even though 2008 is so close to release? Minimizing risk is probably the major driver for deciding on VS 2005. After all, it’s been out in the market for almost two years and it’s stable and mature. There’s also the common wisdom that you shouldn’t deploy a Microsoft product that doesn’t have at least one service pack. Mind you that SP1 for Visual Studio didn’t come out until 12 months after the release of the product. Microsoft is no longer in the mode where the Service Pack has to hit 6 months after release because there were quality issues that needed to be fixed.

When it comes to determining to move to the newer Visual Studio 2008 and the .NET Framework 3.5 there are more points to consider:

1) Stability and maturity of the underlying framework and consequently the applications you’re building on top of the framework.

2) Stability and maturity of new features added with VS 2008

3) Product Support differences.

4) Productivity benefits of VS 2008 compared to VS 2005.

Let’s dive a little deeper and examine each of these points:

1) Enhancements to the .NET Framework are built around the stable core of Version 2.0 that ship with Visual Studio 2005, when additions like generics and partial classes required modifying the CLR.

Version 3.0 added to the core set of .NET 2.0, but does not change the core CLR. New functionality is packed in new assemblies, e.g. System.ServiceModel. There were some minor changes to some of the library assemblies, e.g. System.Runtime.Serialization to accommodate new WCF functionality, but by all and large 3.0 is built around the solid core of the CLR and the BCL of 2.0.

Version 3.5 follows the same approach. The 2.0 CLR/BCL core remains largely untouched. New features are either implemented at the compiler level or in the System. Core assembly. Scott Hanselman (who’s finally joined Microsoft) confirmed this claim by doing some deeper research recently. He compared the core libraries that shipped with VS 2005 and the Beta 2 release of .NET 3.5 and found that the percentage of churn was in the single digits.

Since the .NET Runtime and the core libraries are pretty much the same between VS 2005 and VS 2008, there’s no increased risk for applications that leverage core .NET functionality only.

2) Now that we realized that .NET is very stable at its core, let’s look at the additional functionality that’s new with .NET 3.5. There are quite a number of new features (WCF, WPF, Visual Studio, Linq, too many others), but this particular customer is very interested in the new AJAX features. Again, the core framework code at the ASP.NET Ajax framework level has been in the public as a CTP since 2006 and has been RTM since early 2007. The Visual Studio 2008 release is adding more server side control features (for example control extenders), but the core has been publicly available as a preview release for more than 18 months. Another customer I work with is running one of the world’s largest eCommerce sites on top of AJAX some of these CTP bits without impact to their business.

Visual Studio 2008 adds design time tools and more server controls for richer UIs and better communication between the client-side code and the server. Those features are very helpful and the runtime features have been available in CTPs for a while.
Finally, one more risk mitigation factor to consider is recent announcement that source code (with comments) and debugging symbols are going to be available with Visual Studio 2008 and .NET Framework 3.5. If you’re running into issues, you have the unprecedented ability to trouble shoot and diagnose problems.

With all that, my take would be (if I was an architect that didn’t work for Microsoft) that risk from new framework libraries around ASP.NET AJAX is manageable. In other areas, you get all the fixes for .NET 3.0 SP1, which means there’s actually a benefit of fewer pieces to install. The remaining risk is the new code in System.Core and in some other places. Still, I’d feel good about moving to 2008.

3) Now, you may argue that the tools are still new, and there’s some truth in that. Even though the quality of Visual Studio has been pretty good, much better than in the 90s when I first looked at Microsoft tools, but new code is always new risk. One could argue that VS 2005 + VS 2005 SP1 + .NET 3.0 + .NET 3.0 SP1 + ASP.NET AJAX RTM + AJAX Control Toolkit + ASP.NET AJAX Futures CTP gives me the same capabilities as VS 2008 with more stable, proven code. But consider this: The AJAX Control Toolkit is released under a community license, which means there’s not official product support through the Premier Support channels. The ASP.NET AJAX Futures CTP delivers some of the cool improvements over RTM, but the CTP is an unsupported product. The new controls that ship with VS 2008 are fully supported.

You’re actually increasing risk a little bit by staying with Visual Studio 2005 because of a few unsupported bits and you’re greatly increasing complexity of your install process. With VS 2008 you get the stable service pack code for Visual Studio and .NET 2.0 and 3.0 and you get all that in a single install and you get all that in a single install which reduces complexity and consequently risk and cost of deployment. I give that one to Visual Studio 2008.

4) Yes, there is new code in Visual Studio 2008 and there better be . VS 2005 has been lacking the tool support to take full advantage of the .NET 3.0 platform. VS 2005 shipped with .NET 2.0, remember? The .NET 3.0 release was only a framework release. The tool support for WPF, WCF and ASP.NET AJAX is finally shipping with VS 2008.

The improved Javascript IntelliSense support alone is a great enhancement for somebody like me that delegates mundane tasks like remembering method overloads and signatures to IntelliSense. AJAX was painful because IntelliSense in the code editor was rather limited.

Then there’s the client-side JavaScript debugging Scott Guthrie was talking about. You now can set breakpoints from the start, debug and inspect javascript variables with property grids, visualizers and an immediate window just like you can in with managed code on the server.

Then there are other very helpful new features, like the ability call WCF JSON services, the Web Designer with rich CSS Support or the built-in support to make the back button AJAX aware with the history control and, of course , Linq. There are many other exciting new features, too many others to list here, but the bottom line is, there are numerous reasons why VS 2008 is the better choice for developing AJAX enabled sites.

Finally, you could argue that VS 2008 actually gives you the best of both worlds because VS 2008 lets you target different versions of the .NET Runtime. If you’re feeling very strongly about shipping applications on the 2.0 bits or the 3.0 bits, you can still take advantage of the new productivity enhancements in the IDE but build against the framework version of your choice.That’s a great combination or productivity and stable code to optimize for low risk.

Published Monday, October 08, 2007 9:01 AM by ChristophDotNet