Saturday, December 29, 2012
What do you think?
Monday, July 30, 2012
I researched the matter and discovered that unlike FF and Chrome that closing the connections gracefully with FIN when they are closed, IE (or the OS) sends resets, and with the WFP some connections would not close.
I tore the WFP a new one, with many debug prints eventually I got to the conclusion that no resets were dropped, so I tested again without the WFP and discovered that some connections are not closed and after 30-60 seconds the server side closed them (and not the client side as it should), probably a bug of MS.
When using a LSP this didn't occur because when the LSP is unloaded it closes all the connections gracefully, so I added a function in the Komodia's Redirector to track closed apps and manually close all outstanding connections, this way connections are closed after a few seconds and not 30-60 seconds.
Thursday, December 17, 2009
1. 6 16GB Mtron which gives me crazy speed of 600mb/s
2. 2 128GB Corsair for my OS
3. 2 128GB Corsair for my main virtualize OS drive
Over a period of time I can say that this setup saved me allot of time and frustration and I can also add that until you worked from a SSD drive, you don't know what a computer is :)
This is a speed benchmark of the Mtron raid:
Sunday, December 13, 2009
I've talked to a friend of mine which introduced me to detouring back in the days and he explained to me the mechanics of detouring as he was a kernel programmer and in his previous position he subvered most of the kernel. With this new knowledge I was able to build a library that does exactly what Microsoft Detour does, and because I'm intercepting only a handfull of functions I don't need to make it generic.
Time has passed, everyone was happy but I got more and more requests to support my detouring apps for 64bit, now if detours was a pain for 32bit they are a nightmare for 64bit and the reason is that MS excluded two important features that are required to perform detours:
- Naked __declspec
Without these two, detouring would be a nightmare, so again I researched the web and just like before I went down the same path: MS Detours professional supports 64bit but costs quite a lot (last time I saw a price it was 10k$), and it can't be downloaded so I couldn't learn what they are doing. The non MSVC library doesn't support 64bit detours because there isn't a 64bit version of the development language, and the 100$ library, well, it was bad and nothing changed about it :)
The only difference is that I know how the 32bit detours work, so I researched again on the subject and again documentation is scarce and fuzzy but in a moment of insomnia I managed to find a solution for the problems with 64bit detours :) my code is working and just like before I need to make sure it works for all my detours but the hard work is done, I can safely say that as for this moment, my company is one of the handfull that are in possesion of such technology.
Just to be fair and unbiased there's another LGPL (I hate L/GPL) library which is doing kernel hooking which is quite of an overkill for me and I couldn't learn anything from it, it's called: EasyHook.
Sunday, March 15, 2009
When I code I have the same effect like Tesla, I see the code in my mind's eye, I know what to do, I don't need to design it on a paper or computer software and when I write it out, it's like doing without "thinking" I've been doing this for the past 23 years, I've calculated I've got around 30,000 hours of coding experience, which shaped my personality as well, for good or bad.
Thursday, March 12, 2009
Anyway we have a new web site (http://www.komodia.com) and I think the design is very good, now I'm working on getting some more links and articles, there are some crucial keywords which the site is not ranked in the top 10 and because Winsock LSP is a niche I know it's possible to rank the site quite high for LSP keywords.
Some technology update, there's a new version of the HTTP sniffer comming out (http://www.komodia.com/index.php?page=sniffer.htm), total rewrite of the first version, new version is fast, robust, stable and works like a charm, and on top of that I will add Firefox support so the new sniffer will support both IE and FF.
I have some thoughts about creating a retail version of the sniffer with many retail features to sell, I'm not sure though, what I do know that if this comes to be, I'll hire some outsource to do the GUI, my GUI abilities are minimal functional at best :-)
That's it for now,
Tuesday, January 13, 2009
Recently I had two cases which I was the client and I needed the support.
First story is that I bought an SDK for 100$, the guy on the other side answered my questions prior to the purchase, basically he said - you won't get any support, you're on your own, I decided the amount was worth the risk and I bought the SDK. After I inspected the code therally I discovered a pitfall that meant I can't use the SDK - ofcourse this wasn't mentioned before anywhere and for 90% of users this will be ok because they will never link the problem I discovered to the problems they will experience. Well the guy said that there won't be any support and the amount isn't worth my time asking my money back, so I consider this a teaching experience, how to not act toward my clients.
Second story is of a special piece of code I purchased that was written specially for me. I discovered a bug in the way the program was behaving and I asked the guy to help me tracking the bug, he said there's no bug, it works great for him and the problem is on my end. I know there's a bug in his code and I can't roll the problem to my clients because I want them to be 100% satisfied - so I say for two hours and debuged a code that isn't mine, I ran two sniffers, wrote custom logs and found the problem and fixed it, indeed it was a hard bug to find however it was exactly the kind of bug I suspected it was and I mentioned it to the guy that said, it works great for me. Again I consider this a learning experience, my clients got a great product and I learnt new technology on the way.
Good news is that our SSL hijacker has entered beta stage and is now working quite good, some fixes are still needed to make it work great but that's quite an achievement, specialy that there's no other product on the market that does that, without alerting the user that is.