Saturday, July 28, 2012

Some Notes on MS PowerPivots

Following up from here; http://opinionsonoffer.blogspot.com/2012/04/business-intelligence-using-ms.html

Have been meaning to get this typed out for the longest time now; and the longest time it has been :) So here it is; as promised the following are some of the notes I took down from a session on power pivots, please feel free to point out any misconceptions should you see them.

  • Powerpivots look to offload the work of a Corporate Business Intelligence team and bring it to the end users. This is basically a plugin to the existing MS Excel suite.
  • This is achieved to some extent by Excel and its pivoting functionality; but if you were to take around 4000 - 5000 records and pivot it generally it takes upward of 10 secs to process.
  • Powerpivots look to ease this down and make it much faster.
  • To run powerpivots you require Vertipaq processors which are usually installed and run at a organizational level. Thereby there is no surefire way to bring this technology to home users as yet.
  • Powerpivots allow users to pivot and manipulate data volumes in the millions within a second; (in the demonstration We used 1.3 million records). It seems it achieves this by using column based compression, said to reduce the original filesize by almost 40%. (Similar technology that is used in SQL Server 2012 Denali - ColumnStore Indexes). The file size for the 1.3 million records was 18 mb.
  • You can further slice and dice this data as necessary.
  • First time load however takes some time, with subsequent loads being upto speed.
  • Setting up the data is through a wizard functionality; the data source could be; Access, Another PowerPivot, SQL Server etc. Relationships would be autodetected and mapped accordingly.
  • These powerpivots can be pushed to a sharepoint view as well, however you would require silver light to view the resulting screens. They are however very intuitive and easy to use. They can moreover be cached for individual users in order to increase performance.
  • Using these you can slice and dice the data and even chart it in terms of displaying.
  • Security is maintained either through Sharepoint in terms of a published powerpivot or powerpivots in terms of an excel sheet.


So in summary in terms of bringing this to a home user there is still some ways to go; and in terms of even the business user; you will still need to have a knowledge of the tables that are needed and the datasources. However it has brought us a step closer to the elusive business intelligence at your finger tips paradigm.

Saturday, July 21, 2012

Pharma Attack

No it is not when you get attacked by a marauding Pharmacy :)

So what is it?

Its a website hack which first originated in Wordpress sites, it involves malicious users hijacking google search results for the site, which in turn they redirect to different sites which sell different pharmaceuticals products such as Viagra.

The hack...

The hacker would modify existing pages to execute code in other pages, these code snippets in turn would translate to links to third-party websites pushing various pharmaceuticals. 


Unfortunately it is quite likely the owner or the users of the site would likely never know that these links are being exposed because the attack targets only certain search engine spiders such as google bots. 


Effectively meaning that these results would be posted on the search engine’s results for the site (e.g. Google).


How do they get in?

The most usual point of entry is a hacked FTP account or a script vulnerability in the content management system.


The fix...

  1. Check .htaccess and .bootstrap files; for suspicious redirects / executions
  2. Check PHP files for suspicious references to "eval()" or "base64_decode()" or "create_function()"

Prevention is better than cure...


  1. Always make sure to use WiFi hotspots that have a password as this ensures that your communication is encrypted and cannot be intercepted and used by a malicious user.
  2. Do not use the FTP account over an unsecure FTP protocol. Only use with secure transmission over SSH File Transfer Protocol that hides (encrypts) the username and password, and encrypts the content.
  3. Keep your CMS installations upto date with the latest versions, this ensures that hackers cannot make use of vulnerabilities in older versions of the CMS.
  4. Several CMS modules need constant upgrades to eliminate security vulnerabilities.
  5. Keep weekly backups of the code repository and of the database.
  6. Change all Administrator passwords, database password and FTP passwords periodically.
  7. Monitor server logs for the site for search engines links crawled by the search engine which look suspiciousMonitor server logs for the site for search engines links crawled by the search engine which look suspicious.
  8. Maintain a backup copy of the entire CMS installation and run a Code Diff periodically to ascertain that no files have been changed.
  9. Check PHP files for suspicious references to "eval()" or "base64_decode()" or "create_function()".

References:


  • http://hashable.org/2011/09/wordpress-pharmaceutical-attack/
  • http://stackoverflow.com/questions/3462473/php-evalgzinflatebase64-decode-hack-how-to-prevent-it-from-occurring-a       
  • http://www.pearsonified.com/2010/04/wordpress-pharma-hack.php
  • http://digwp.com/2010/07/wordpress-security-lockdown/

Friday, July 20, 2012

Export Files and Folders in a Windows Folder to Excel

Not surprisingly this is quite easy; just do a select all (CTRL + A) in your folder and mouse Right Click while holding the SHIFT key; in the ensuing menu select the option Copy File Paths. 

Now open an excel worksheet and just paste. This will show you your total file path including directory path; if you want to get rid of this just do a find and replace to "". And you have your imported list of objects in a Folder.

Hope this helps...

Thursday, July 19, 2012

Deploying your ASP.Net MVC application on Amazon

Was looking at deploying one of our ASP.Net MVC applications on Amazon; and came across this good article on deploying ASP.Net MVC through Amazon Beanstalk.

http://www.simple-talk.com/dotnet/.net-framework/getting-started-with-amazon-aws-and-elastic-beanstalk/

Just a few minutes and you are good to go; this should really give Windows Azure a run for its money as well. Especially with Amazon RDS starting to support SQL Server 2008 R2 Express, Std and EE editions as well.

Will continue to talk about this in the next few weeks.