Is asp.net safe?

A

ad

I use VS2005 to develop web applicaiton.
The Web applicaiton will install in an windows xp.
Some cusotmer doubt the safety of Asp.net.

Are there some reports about the safety of OS or database or development
tools?
 
M

Michael D. Ober

If your customer wants complete safety, tell him to use VMS. Other than
that, ASP.NET 2.0 running on W2003 SP1 is pretty darn safe, so long as your
code doesn't do anything stupid like not validate inputs and allow access to
folders that it doesn't need.

Mike Ober.
 
O

offwhite

Also be sure to handle the Application_Error event in the Global.asax
and not allow errors to be shown to the public users. And do not use
ad hoc SQL in your ASP.NET code. Instead use stored procedures or
parameterized SQL strings. That will help fight off SQL injection
attacks.

You can then have this website run in a separate application pool in
IIS under a custom user (not Network Service) and limit the rights of
that user. Generally you just need access to the database which will
not be a trusted connection anyway.

Brennan Stehling
http://brennan.offwhite.net/blog/
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

How to tell user ASP.NET is safe 1
Bash scripts for web apps 1
Is being a web dev still a good job ? 6
Intranet URL from Internet application 7
New coder with a focus on animating web banners 0
I need help in understanding these files on my phone, Could someone help me understand these files? Urgent help needed. Please help. 1
I need a recommendation for a framework 1
Is code a safe thread? 4

Members online

Total: 29 (members: 1, guests: 28)
Robots: 607

Forum statistics

Threads
473,769
Messages
2,569,582
Members
45,057
Latest member
KetoBeezACVGummies

Latest Threads

Top