February 5th, 2007, 06:03 AM
Applications and security consideration
I am working with online institute, the developer team has got different applications which are based on the following technologies:
All are web based applications
Build either on .NET framework 1.1 or .NET Framework 2.0
SQL server as a database at the backend
None of them are active directory enabled.
What security issue i have to take in consideration
Last edited by zillah; February 5th, 2007 at 12:02 PM.
February 6th, 2007, 04:07 PM
February 12th, 2007, 06:55 PM
I am greatful to that , because I have found alot of information
February 12th, 2007, 06:58 PM
The most common threat with web app's is sql injection.
February 13th, 2007, 07:27 PM
Consider the following:
* Servers - OS, Web, DB hardening / bastioning / latest patches
* Firewall rules and DMZ location (Web server should not be on the same segment as the SQL server if the Web App is available to the Internet.
* Authentication - using anonymous, basic or digest?
* Authorization - roles, permissions, runtime security
* Confidentiality - encryption methods (SSL), certificate servers
* Availability and support - is this an HA solution, does it require DR?
* Access Security - who needs access to support the application and servers?
Microsoft has some security whitepapers - http://msdn.microsoft.com/library/de...mendations.asp
By cheyenne1212 in forum Miscellaneous Security Discussions
Last Post: February 1st, 2012, 01:51 PM
By XTC46 in forum Site Feedback/Questions/Suggestions
Last Post: August 24th, 2005, 07:52 PM
By Tiger Shark in forum Microsoft Security Discussions
Last Post: January 14th, 2005, 07:47 PM
By gore in forum Operating Systems
Last Post: March 7th, 2004, 07:02 AM
By xmaddness in forum Miscellaneous Security Discussions
Last Post: October 31st, 2002, 12:59 AM