Writing Secure ASP.NET Session - Dutch

Tuesday, April 27, 2004

ASP.NET IT

It has been a long time since I posted something, but here I am again. It's a very busy time right now, some exams, loads of school tasks, some websites, etc..

And also, a talk I had to prepare for class. One that I'm going to share with you.

I'll have to dissapoint non-Dutch readers though, the slides are writting in Dutch, as it was a local session. You could always look at the code though.

The subject was 'Writing Secure ASP.NET'. Covering :

Cross-site Scripting
SQL Injection
Hashing passwords
IOPermissions by default
Unsafe DSN (DSN with password included)

The first three demo's code should be obvious. Regarding IOPermissions I showed a file browser that could browse trough the system in default ASP.NET installation. And for the Unsafe DSN, I listed system DSNs, or used a demo DSN, showed the tables in it (MySQL only) and executed a query against it.

You can find all files here: SecureASPNET.ppt (227k) and Demo.zip (205k).

Sweeeeet powerpoint presentation, i like the lizard a lot. If I could find his head, we can fix it! :D

I can't say a lot about the content, because I don't have any knowledge about it, but it seems to be interesting!

lore - Tuesday, April 27, 2004 8:11:00 PM

It was a very nice presentation, I learnt alot about secure coding :). I also took this picture (after a few tries)

bleyke - Tuesday, April 27, 2004 8:16:00 PM

hey, sounds like I've missed something interesting.

But thanks for giving me an individual lesson :p

Kelly - Wednesday, April 28, 2004 9:15:00 AM

To bad I had to mis that presentation... :s

Bert - Wednesday, April 28, 2004 4:48:00 PM

but i was there :p

i hope they learned not to use claroline anymore...

Robin - Tuesday, July 20, 2004 9:09:00 PM

5 Comments