• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

WEP Application Security

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Programming and More

View previous topic :: View next topic  
Author Message
ahmadaqil
Just Arrived
Just Arrived


Joined: 23 Jan 2010
Posts: 0


Offline

PostPosted: Sat Jan 23, 2010 3:02 pm    Post subject: WEP Application Security Reply with quote

Hello

I have web application working on ASP.NET and it's hosted in my company at iis6 on windows server 2003 std

and i need the professional way to put the security for this application (hardware&software)

Please send me your Idea

Thanks
Back to top
View user's profile Send private message
pass1000
Just Arrived
Just Arrived


Joined: 26 Mar 2010
Posts: 0


Offline

PostPosted: Fri Mar 26, 2010 11:09 am    Post subject: Reply with quote

In the NT-Bugtraq mailing list on the first report of Security bug in. NET Forms Authentication for ASP.NET 1.0 (RTM, SP1, SP2, SP3), and ASP.NET 1.1 (RTM, SP1). When the Form Authentication is used when the , anonymous users trying to access protected pages such as http://localhost/WebApplication2/secret.aspx will be redirect to the login page, such as http://localhost/WebApplication2/login.aspx? ReturnUrl =% 2fWebApplication2% 2fsecret.aspx . but if you use Mozilla, anonymous users can be protected without the certificate on the access page: http://localhost/WebApplication2 \ secret.aspx; pairs of IE, you can use the% 5C achieve a similar effect: http://localhost/ WebApplication2% 5Csecret.aspx What You Should Know About a Reported Vulnerability in Microsoft ASP.NET Web page in order to provide countermeasures for this vulnerability. The current response is mainly described as KB887459 as in the Global.asax or the Code-Behind in the Application_BeginRequest add check if (Request.Path.IndexOf ( '\ \')> = 0 | | System.IO.Path. GetFullPath (Request.PhysicalPath)! = Request.PhysicalPath) (throw new HttpException (404, "not found")Wink is clear that each Application needs to have such checks to be this security vulnerability. Microsoft will also provide other responses, please take heed of What You Should Know About a Reported Vulnerability in Microsoft ASP.NET Web page updates.[/img]
Back to top
View user's profile Send private message
pass1000
Just Arrived
Just Arrived


Joined: 26 Mar 2010
Posts: 0


Offline

PostPosted: Fri Mar 26, 2010 11:11 am    Post subject: Reply with quote

ASP.NET security architecture of the main functions of authentication and authorization security context of the identification and authentication module runs the main module of the operating license
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Programming and More All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register