ts_block
wixsharp
ts_block | wixsharp | |
---|---|---|
4 | 12 | |
175 | 1,028 | |
- | - | |
0.0 | 5.5 | |
over 2 years ago | 3 days ago | |
Visual Basic | C# | |
Artistic License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ts_block
-
Learning Lessons From The Cyber-Attack: British Library cyber incident review [pdf]
> Is there something inherently insecure about remote desktops, or is MS software here known to be particularly insecure...
Exposing RDP to the Internet directly has been frowned-upon because of the attack surface being presented, there's no two factor "story" out-of-the-box, and you're opened up to brute force attempts on cruddy user passwords.
Older versions of the Microsoft Remote Desktop Protocol had a much larger attack surface than current versions. The current versions with Network Level Authentication (starting in Windows Vista/Server 2008) present a smaller attacks surface. Older versions used "homegrown" Microsoft crypto, whereas current versions use TLS.
Disclosure: I made a FLOSS fail2ban-like tool for RDP many years ago[0]. I had a situation where I was forced to expose RDP to the Internet and I didn't like having it open w/o some protection against brute force attacks. This tool happens to still works in Server 2022 and will slow the velocity of brute force attacks. I still highly recommend not exposing RDP directly to the Internet anyway.
(The ts_block tool is missing some fairly essential functionality that I never got around to implementing. It works fine and is really easy to install but some things are sub-optimal.)
[0] https://github.com/EvanAnderson/ts_block
- Fail2Ban – Daemon to ban hosts that cause multiple authentication errors
-
Analysis of a large brute force attack campaign against Windows Remote Desktop
My old ts_block[0] project does something similar to yours, albeit for RDP only and with much less sophisticated customization.
I opted to go with a WMI Event Sink rather than polling the Event Log. I've never done a benchmark to see which architecture would use less CPU, but I can say the WMI event sink causes nearly instantaneous reaction.
As an aside: I'd love to hear if somebody tries ts_block on Windows Server 2022. It works fine on 2012 R2 thru 2019 but I've never tried it on 2022.
[0] https://github.com/EvanAnderson/ts_block
-
WinGet is terrible. I want AppGet back
The perspectives in the comments on this article re: WiX XML source and Windows Installer being difficult are interesting to me. Like I said elsewhere, I overcame that learning curve so long ago that I can't put myself in a position where it seems daunting now.
To be fair, though, an MSI to install a 10 files in "C:\Program Files\AppName", register a couple .NET assemblies, create a couple of shortcuts, and throw a few values into the registry would amount to <100 lines of XML.
Here's a years-old WiX 2.0 syntax source file to install 4 files in "C:\Program Files\appname" and run an EXE embedded in the MSI to install a service: https://github.com/EvanAnderson/ts_block/blob/master/MSI/ts_...
I've only seen "thousands of lines" of WiX source when dealing programs that install a ton of files, or put scads of entries in the registry.
Most of the MSIs with WiX are based on a simple skeleton generated from a template, and using "includes" generated by the "candle" tool.
Understanding the Windows Installer and the WiX source feels analogous to what I see in "modern" web development-- a bunch of tools that developers use, seemingly without understanding what they do, to create a massive pile of edifice into which original code is finally placed.
wixsharp
-
Twenty years maintaining the WiX Toolset
I can recommend Wixsharp (https://github.com/oleg-shilo/wixsharp), you no longer have to learn the insane wix xml syntax to create an installer.
-
In the year 2023, what is the best way to deploy/distribute a WPF Application?
Also try wix# (https://github.com/oleg-shilo/wixsharp) - it makes things much easier
-
Best option for getting a binary to cross-platform customers?
Windows: The Microsoft-recommended way is .msi files but, if you're not willing to pay for something like InstallShield or a professional "How to use WiX XML course", making them is going to be painful even with something like WiXSharp, so my advice is to offer a Zip file and an Inno Setup installer. (Which things like Chocolatey can build on)
-
Looking for easy way for distribution of crates
Wix# is better, but still not as easy, and it depends on .NET, which makes it a hassle to get set up in Wine compared to how, being written in Delphi and using itself as an installer, Inno Setup is practically Rust-like in how easy it is to set up in Wine.
-
How do I intergret cargo in Rust code
If you really want to bundle a compiler, my advice would be to just use an installer like Inno Setup or NSIS or the WiX Toolset via WixSharp and have it either download or bundle the installer for the compiler.
-
Forced static linking?
Speaking of MSI, I'd suggest using Wix# instead of WiX directly.
-
PEP 594 “Removing dead batteries from the standard library” accepted
The functionality in the msilib module is somewhat low-level anyway (it basically just opens the database for you and leaves the arcane incantations required for doing anything as an exercise for the reader) so it probably wouldn't be hugely difficult to replace it with ctypes calling msi.dll directly.
If I were to replace my msilib-based installer, I would migrate to Wix# [1], a fantastic high-level wrapper for WiX that lets you express your installer in a few lines of C# (and then generates the thousands of lines of XML that WiX needs, but you don't need to touch it). I wouldn't have used msilib if I had known about Wix# at the time.
[1] https://github.com/oleg-shilo/wixsharp
- What's the best way to deploy a desktop application?
- WinGet is terrible. I want AppGet back
-
Creating an installer for your app is super easy! Quick video showing how to create a setup file
Adding that folks should look into using WixSharp especially if there is a need to create a more customizable UI for the installer. The instructions for building the installer is all written in C# including any custom actions required by your installer project.
What are some alternatives?
Versions - 📦 A Scoop bucket for alternative versions of apps.
Squirrel - An installation and update framework for Windows desktop apps
Shovel-Ash258 - Personal Shovel bucket with a wide variety of applications of all kinds.
wix3 - WiX Toolset v3.x
oneget - PackageManagement (aka OneGet) is a package manager for Windows
ts_block - Blocks IP addresses generating invalid Terminal Services logons
api-ms-win-core-path-HACK - Implementation of api-ms-win-core-path-l1-1-0.dll for Windows 7 based on Wine code
winget-cli - WinGet is the Windows Package Manager. This project includes a CLI (Command Line Interface), PowerShell modules, and a COM (Component Object Model) API (Application Programming Interface).
Chocolatey - Chocolatey - the package manager for Windows