Hacking the code : ASP.NET web application security /: ASP.NET web application security. (©2004)
- Record Type:
- Book
- Title:
- Hacking the code : ASP.NET web application security /: ASP.NET web application security. (©2004)
- Main Title:
- Hacking the code : ASP.NET web application security
- Other Titles:
- ASP.NET web application security
- Further Information:
- Note: Mark Burnett, James C. Foster, technical ed.
- Other Names:
- Burnett, Mark (Mark M.)
Foster, James C
- Contents:
- Chapter 1 Managing Users; Introduction; Understanding the Threats; Establishing User Credentials; Enforcing Strong Passwords; Avoiding Easily Guessed Credentials; Preventing Credential Harvesting; Limiting Idle Accounts; Managing Passwords; Storing Passwords; Password Aging and Histories; Changing Passwords; Resetting Lost or Forgotten Passwords; Resetting Passwords; Sending Information Via E-Mail; Assigning Temporary Passwords; Using Secret Questions; Empowering Users; Educating Users; Involving Users; Coding Standards Fast Track; Establishing User Credentials; Managing Passwords; Resetting Lost or Forgotten Passwords; Empowering Users; Code Audit Fast Track; Establishing User Credentials; Managing Passwords; Resetting Lost or Forgotten Passwords; Empowering Users; Frequently Asked Questions
Chapter 2 Authenticating and Authorizing Users; Introduction; Understanding the Threats; Authenticating Users; Building Login Forms; Using Forms Authentication; Using Windows Authentication; Using Passport Authentication; Blocking Brute-Force Attacks; Authorizing Users; Deciding How to Authorize; Employing File Authorization; Applying URL Authorization; Authorizing Users Through Code; Coding Standards Fast Track; Authenticating Users; Authorizing Users; Code Audit Fast Track; Authenticating Users; Authorizing Users; Frequently Asked Questions
Chapter 3 Managing Sessions; Introduction; Session Tokens; Authentication Tokens; Understanding the Threats; Maintaining State; Designing a Secure Token; Selecting a Token Mechanism; Using State Providers; Using ASP.NET Tokens; Using Cookies; Working with View State; Enhancing ASP.NET State Management; Creating Tokens; Terminating Sessions; Coding Standards Fast Track; Maintaining State; Using ASP.NET Tokens; Enhancing ASP.NET State Management; Code Audit Fast Track; Maintaining State; Using ASP.NET Tokens; Enhancing ASP.NET State Management; Frequently Asked Questions
Chapter 4 Encrypting Private Data; Introduction; Using Cryptography in ASP.NET; Employing Symmetric Cryptography; Using Asymmetric Cryptography; Working with Hashing Algorithms; Working with .NET Encryption Features; Creating Random Numbers; Keeping Memory Clean; Protecting Secrets; Protecting Communications with SSL; Coding Standards Fast Track; Using Cryptography in ASP.NET; Working with .NET Encryption Features; Code Audit Fast Track; Using Cryptography in ASP.NET; Working with .NET Encryption Features; Frequently Asked Questions
Chapter 5 Filtering User Input; Introduction; Handling Malicious Input; Identifying Input Sources; Programming Defensively; Constraining Input; Bounds Checking; Pattern Matching; Data Reflecting; Encoding Data; Encapsulating; Parameterizing; Double Decoding; Syntax Checking; Exception Handling; Honey Drops; Limiting Exposure to Malicious Input; Reducing the Attack Surface; Limiting Attack Scope; Hardening Server Applications; Coding Standards Fast Track; Handling Malicious Input; Constraining Input; Limiting Exposure to Malicious Input; Code Audit Fast Track; Handling Malicious Input; Limiting Exposure to Malicious Input; Frequently Asked Questions
Chapter 6 Accessing Data; Introduction; Securing Databases; Securing the Database Location; Limiting the Attack Surface; Ensuring Least Privilege; Securing the Database; Writing Secure Data Access Code; Connecting to the Data Source; Preventing SQL Injection; Writing Secure SQL Code; Reading and Writing to Data Files; Coding Standards Fast Track; Securing Database Drivers; Securing Databases; Writing Secure Data Access Code; Code Audit Fast Track; Securing Database Drivers; Securing the Database; Writing Secure Data Access Code; Frequently Asked Questions
Chapter 7 Developing Secure ASP.NET Applications; Introduction; Understanding the Threats; Writing Secure HTML; Constructing Safe HTML; Preventing Information Leaks; Handling Exceptions; Using Structured Error Handling; Reporting and Logging Errors; Coding Standards Fast Track; Writing Secure HTML; Handling Exceptions; Code Audit Fast Track; Writing Secure HTML; Handling Exceptions; Frequently Asked Questions
Chapter 8 Securing XML; Introduction; Applying XML Encryption; Encrypting XML Data; Applying XML Digital Signatures; Signing XML Data; Coding Standards Fast Track; Applying XML Encryption; Applying XML Digital Signatures; Coding Audit Fast Track; Applying XML Encryption; Applying XML Digital Signatures; Frequently Asked Questions
Appendix A Understanding .NET Security; Introduction; Permissions; Principal; Authentication; Authorization; Security Policy; Type Safety; Code Access Security; .NET Code Access Security Model; Role-Based Security; Principals; Role-Based Security Checks; Security Policies; Creating a New Permission Set; Modifying the Code Group Structure; Remoting Security; Cryptography; Security Tools; Summary …
- Publisher Details:
- Rockland, MA : Syngress Pub
- Publication Date:
- 2004
- Copyright Date:
- 2004
- Extent:
- 1 online resource (xxiii, 447 pages), illustrations
- Subjects:
- 005.276
Application software -- Security measures
Computer networks -- Security measures
Electronic book collection
Electronic books
REFERENCE -- General
Computer security
Microsoft .NET Framework
Electronic books
- Languages:
- English
- ISBNs:
- 1931836434
9781931836432
9781932266658
1932266658
9780080478173
0080478174
- Notes:
- Note: Print version record.
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD.DS.32843
- Ingest File:
- 01_038.xml