Wednesday, July 23, 2008

Callback to C# from Unmanaged Fortran

Using unmanaged code eg Fortran to callback to C# can be a nightmare to get right. But once you know it, it is just following a recipe. Hence without further explanation, an example and recipe is given below. It is quite self-expalnatory I hope.

Just note that, the example is more than a simple call back. The C# actually calls a Fortran function in a dll. Within the Fortran function calls the callback in C#.

--- Fortran code -----
module f90Callback

contains

subroutine func1(iArr, progressCllBak)
!DEC$ ATTRIBUTES DLLEXPORT ::func1
!DEC$ ATTRIBUTES REFERENCE :: iArr, progressCllBak
implicit none
external progressCllBak
integer :: iCB
integer, INTENT(OUT) :: iArr(2)

! Variables

! Body of f90Callback
print *, "Hello Before"
iCB = 3
iArr(1) = 5
iArr(2) = 7
call progressCllBak(iCB)
print *, "setting callback value in Fortran as :", iCB
print *, "Hello After"

return
end subroutine func1

end module f90Callback


------- C# code ---------

using System;
using System.Collections.Generic;
using System.Text;
using System.Runtime.InteropServices;

namespace CScallbackDriver
{
class Program
{
// 0. Define a counter for the Progress callback to update
public int localCounter;

// 1. Define delegate type
[UnmanagedFunctionPointer(CallingConvention=CallingConvention.Cdecl)]
public delegate void dgateInt(ref int numYears);

// 2. Create a delegate variable
public dgateInt dg_progCB;


public Program() {
// 3. Instantiate delegate, typically in a Constructor of the class
dg_progCB = new dgateInt(onUpdateProgress);
}

// 4. Define the c# callback function
public void onUpdateProgress(ref int progCount) {
localCounter = progCount;
}

int iArg;
static void Main(string[] args)
{

Program myProg = new Program();
myProg.localCounter = 0;
int[] iArrB = new int[2];

//6. Call normal Fortran function from DLL, and passing the callback delegate
func1(ref iArrB[0], myProg.dg_progCB);


Console.WriteLine("Retrieve callback value as {0}", myProg.localCounter);
Console.ReadKey();
}

// 5. Define the dll interface
[DllImport("f90Callback", EntryPoint="F90CALLBACK_mp_FUNC1", CharSet = CharSet.Auto, CallingConvention = CallingConvention.Cdecl)]
public static extern void func1([In, Out] ref int iArr, [MarshalAs(UnmanagedType.FunctionPtr)] dgateInt blah);




}
}

Sunday, July 13, 2008

Online Scan - AntiVirus

As with Firewalls, there should be at most, one Antivirus program running on your PC. More than that will cause uncertain behaviour. But how do we know that our antivirus is a good one. Or if we scan a file and it passed our antivirus scan, are we sure it is OK? One solution is to scan the file or files using online scanners available from the web. Here are a few of them:

http://housecall.trendmicro.com/
http://www.kaspersky.com/virusscanner
http://www.bitfender.com/scan8/ie.html
http://www.pandasecurity.com/homeusers/solutions/activescan
http://us.mcafee.com/root/mfs
http://onecare.live.com/site/en-US/default.htm
http://pestpatrol.com/
http://www.f-secure.com/en/web/labs_global/removal/online-scanner

Even easier is to upload one file and have it scanned by multiple antivirus software. This can be done at: http://www.virustotal.com/

Malware can be checked by submitted a file to this website:
http://malwr.com/about/

Alternatively, one can use a sandbox to test our suspicious applications first. Some of the sandbox are:
Norman Sandbox - www.norman.com/microsites/nsic

(this article can also be found at:
http://pckingsford.com//index.php?option=com_content&task=blogcategory&id=19&Itemid=39 )

Saturday, July 12, 2008

Firewall Testing (Hardening)

Here are some tools and techniques to test if your firewall is up to scratch:
1. www.pcflank.com
Contains various test for the firewall including: port scanners, stealth testing, leak test and others.
For leak test, download PCFlankLeaktest.exe. This test tries to send some information out of your PC to the PCFlank site. The results are shown in http://www.pcflank.com/pcflankleaktest_results.htm

. According to PCFlank, only Outpost Firewall Pro and Tiny Personal Firewall pass the leaktest. At PCKingsford, we have tried the FREE Comodo Firewall Pro (CFP) and this works. If it fails, you just need to be sure that you have not tell CFP to ALLOW it. To check whether an application is allowed in CFP, open up the CFP, go to the Defense+ on top, then go to the Advanced tab on the left menu, then click Computer Security Policy. Look for the application name and edit the rules for it.

2. ShieldsUp at http://www.grc.com/faq-shieldsup.htm
Click on Services tab on the website, then select ShieldsUp. Follow the instruction to test your firewall via this website. The tests include:
File Sharing
Common Ports
All Service Ports
Messenger Spam
Browser Helpers

3. Leaktest 1.2 at http://www.grc.com/lt/leaktest.htm This is one of the original firewall leaktest program that started it all.

4. Firewall Leak Tester - www.firewallleaktester.com
This is a one-stop shop for leak tester programs you can use to test your software. It has over 26 leak testers. The website published results comparing various firewalls but note that the comparison was done in 2006 so that may have been outdated. You can always download the leak testers and test individually.
Other leak testers are:
http://www.pcflank.com/pcflankleaktest.htm

(this article can be seen at
www.pckingsford.com)

5. Testing exploits to PC.
http://www.pcflank.com/exploits.htm - simulates Denial of Service attacks on your system.

6. Question on "How Does a Router Protect?" has some answers here:
http://xtechnotes.blogspot.com.au/2012/04/how-does-router-protect.html

7. Linux - IPTABLES
For Linux users, the software firewall IPTABLES allow maximum configurability.
More details can be found in the "Linux Firewall" section in: http://xtechnotes.blogspot.com.au/2012/05/notes-linux.html

A list of simple rules is given here as an example  for
Super Stealth mode
----------------
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -F
iptables -X
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
----------------
Once you've executed them, use this command for the stealth config to stick:
Code:
service iptables save

The above rules are quite strict. For simple web browsing, try this:
Basic Web Browsing mode
-----------------------------------
iptables -F
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --sport 80 -j ACCEPT
iptables -A INPUT -p udp --sport 53 -j ACCEPT
iptables -A INPUT -j DROP
iptables -A OUTPUT -j ACCEPT
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
iptables-save > /etc/sysconfig/iptables
----------------------------------

then to restart:
service iptables save
service iptables start

Links to IPTABLES configuration:
http://www.thegeekstuff.com/2011/06/iptables-rules-examples/
http://www.thegeekstuff.com/2012/08/iptables-log-packets/
http://www.thegeekstuff.com/2011/01/redhat-iptables-flush/
http://www.thegeekstuff.com/2011/03/iptables-inbound-and-outbound-rules/
http://www.thegeekstuff.com/2011/02/iptables-add-rule/
http://www.thegeekstuff.com/2011/01/iptables-fundamentals/