Browse by Tags

All Tags » Security (RSS)
Wednesday, June 25, 2008 9:34 AM

SQL Injection Security Experiences

Last evening I tried out two of the tools that Joe Stagner wrote about in his blog post Tools to block and eradicate SQL injection . Since I manage a classic ASP web application that was completely lacking in security and potentially vulnerable to these...
Posted by rrobbins | with no comments
Filed under: , , , ,
Friday, May 23, 2008 9:02 AM

SQL Injection Threat On The Rise

I've been following the rise of SQL Injection attacks because I'm busy protecting a vulnerable web application. I'm very critical of the lack of attention this is getting in the developer community. In my opinion, if web developers were really communicating...
Posted by rrobbins | 1 comment(s)
Filed under: , , ,
Thursday, May 08, 2008 9:08 AM

ASP.NET Cryptography Insecurities

I've found a serious shortcoming in one of the security methods I've been using. I've inherited two projects in which social security numbers were stored in a database in an unencrypted format. For the web application I don't think the SQL Server 2005...
Posted by rrobbins | 2 comment(s)
Filed under: , , , ,
Wednesday, April 30, 2008 2:46 PM

Massive SQL Injection Attack - Did You Hit The Snooze Alarm On The Wake Up Call?

I've seen very little blogger chatter about the massive SQL injection attack that is making the news even though it is us web developers who are being blamed for it. Even Jeff Atwood has neglected to blog about it and he loves to rant about shoddy coding...
Posted by rrobbins | 3 comment(s)
Filed under: , ,
More Posts