Application Security Testing: An Integral Part of DevOps
Building great applications isn't all about amazing code snippets that can make your programs look great and run like the wind. It's also about being intelligent—and one big part of that is the ability for your program to look at the world around it (Windows) and figure out exactly what's happening.
Well, as you can imagine, this is one obviously huge area, so I'll be brief and provide just a few core code tips that'll give you a great starting point when trying to find out just what you want.
x = System.Environment.OSVersion.ToString
To discover more about the actual system itself—such as the computer name, number of monitors attached, whether visual aids should be used rather than audio, the default icon size, and so on—check out the System.Windows.Forms.SystemInformation class. Here's an example that checks whether the computer booted normally (in other words, didn't use safe mode):
If System.Windows.Forms.SystemInformation.BootMode = _ BootMode.Normal Then ' Computer booted in normal mode End If
Finally, performance counters are an excellent way of tapping into exactly what the system is up to. This is one huge subject on its own and there is already a mound of books written on the subject. However, in brief, performance counters report on the status of the system and its applications. They're predefined and return a number, which you can look at in a variety of formats (an instantaneous figure, an average, percentage, and so forth).
Examples include the amount of system memory available, a processor's busy time, the number of ASP.NET applications running—or even how many SQL Server connections you have open.
You can browse the existing performance monitors by using the Server Explorer (View > Server Explorer), expanding upon your server and exploring the Performance Counters node. If you see an item you think you'll want to use in your code, you can drag it onto your form and manipulate the newly created PerformanceCounter object in code, or just do it all in code. The following snippet demonstrates the latter, displaying the amount of available memory in a message box:
Dim perfFreeMemory As New PerformanceCounter("Memory", _ "Available MBytes") MessageBox.Show("There are " & perfFreeMemory.NextValue & _ "MB of memory available on your system. This program requires _ more.")
There are a bundle of .NET-specific performance counters available, too—and good system administrators will be more than familiar with these figures, which you can analyse through the PerfMon.exe tool. The .NET revolution also allows you to set up your own custom performance counters with ease, recording data such as the number of sales per second. You can learn more about all of this by looking up "performance counters" in the Help Index, then browsing the subcategories.
Top Tip: If you're attempting to use performance monitors in ASP.NET applications, you may initially find yourself experiencing a bundle of "Access denied" error messages. That's because .NET is picky about exactly who can and can't see this system information. You can resolve this by following the security guidelines at http://aspnet.4guysfromrolla.com/articles/041002-1.aspx. Or, if you're simply wanting to retrieve data such as how long your Web server has been up, check out the tips in Chapter Three of my new book, The Ultimate VB .NET and ASP.NET Code Book.
Figure: Viewing the available Performance Counters through the Server Explorer
About the Author
Karl Moore (MCSD, MVP) is an experience author living in Yorkshire, England. He is author of numerous technology books, including the new Ultimate VB .NET and ASP.NET Code Book, plus regularly features at industry conferences and on BBC radio. Moore also runs his own creative consultancy, White Cliff Computing Ltd. Visit his official Web site at www.karlmoore.com.