-
INETA Community Speaker – Request Me
"@fuckingness Not ready for VS11 yet. It will be, but VS11 needs to settle down first.""Home from #vslive, sad to see this one end. I had a great time meeting everyone, and loved Brooklyn.""Planning my speaking gigs now: Magazine rates the best BBQ restaurants in the South http://t.co/mIblCK5L via USA TODAY""I just ousted @nahum_sanchez as the mayor of Charlie Brown's Airport Parking on @foursquare! http://t.co/njpetZIu"
Category Archives: Security
The Internet Explorer team should be proud of themselves this week: Many people are switching from Internet Explorer to alternative browsers such as Firefox and Safari. Though that might make them feel more secure, the shift has also opened new … Continue reading
Posted in Security
Leave a comment
Although this attack targets websites powered by Microsoft SQL Server, databases such as Oracle are also vulnerable to this attack. The attacks “are a very sophisticated form of SQL injection,” Qualys CTO Wolfgang Kandek told TechNewsWorld. “Normally, SQL injection is … Continue reading
Posted in Security, SQL Server
Leave a comment
One of Dell’s selling points for its new Vostro line is a lack of trial-ware. In fact, Dell’s website makes the following claim on the Vostro homepage: No trialware.Customers said they hated trialware, so we took it away. Vostro systems … Continue reading
Posted in Hardware, Security
Leave a comment
The ACE Team (Application Consulting and Engineering) has released a beta version of their tool to scan managed code and detect potential vulnerabilities to cross-site scripting. XSSDetect runs as a visual studio plug-in. From their blog: One of the biggest, … Continue reading
Posted in Security
Leave a comment
Kevin Gearing of DotNetFreak has released an updated CAPTCHA control for .NET. Not only compiled against the latest version, there are a lot of new features, too: Version 2 of FormShield builds on the previous .NET 1.1 version, adding a … Continue reading
Posted in Security
Leave a comment
Recently, a question came up in the ASP.NET security forums about the lack of a remote membership/role configuration tool in ASP.NET 2.0. Being able to remotely manage users is important in pretty much any site where you have users. Fortunately, … Continue reading
Posted in .NET 2.0, Security, Visual Studio
Leave a comment
In a previous post (http://aspadvice.com/blogs/rjdudley/archive/2005/05/21/2595.aspx), I showed one way to protect files from direct download by configuring IIS. In a shared hosting environment, this usually isn’t possible, so I’ll show another way to protect these files. First, a little review. … Continue reading
Posted in Security
Leave a comment
Today’s NewsFactor Network showed up in my inbox, and the lead story was: ———————————————————— 1. E-Mail Authentication: Holy Grail or Lost Cause? ———————————————————— Originally, e-mail was never designed to do anything more than deliver text messages. But added-on features eventually … Continue reading
Posted in Security
Leave a comment
My latest ASP Alliance article has been published: A Simple Passphrase Generator Passphrases have been receiving more and more attention as part of a strong security policy. When building secure web-based applications, assigning random passphrases to new user accounts can … Continue reading
My latest ASP Alliance article has been published today: Preventing Page Review after Logout with Forms Authentication The inclusion of Forms Authentication in the .NET Framework has been a significant benefit to developers securing web-based applications. While pages can be … Continue reading
Posted in Security
Leave a comment
