K
KK
I am testing some code after reading the following article in MSDN.
"Cryptographic Hash Algorithms Let You Detect Malicious Code in ASP.NET"
In my case, I have quite a lot of aspx files. So I store my hash values in
the
db. then when ever a request comes for a particular aspx file, it takes
the current hash and compare it with the hash in the database. if they
dont match, it may have been tampered.
But the issue is, having them in the database will have a big performance
hit if this was a real application. (because for every request it open a
file
hash it, then go to db retrieve old hash compare etc...)
So I was thinking wether I can have a memory store kind of a thing
but only accessible for my assembly (which does the hash verificaiton)
If I can have it then at the beginning, I can load all the old hashes to
that
memory location and compare (at least it will stop querying the db for
every request)
Even though .NET have a isolatedstorage it is for files. Can anybody
give me some suggestions?
regards
KK
"Cryptographic Hash Algorithms Let You Detect Malicious Code in ASP.NET"
In my case, I have quite a lot of aspx files. So I store my hash values in
the
db. then when ever a request comes for a particular aspx file, it takes
the current hash and compare it with the hash in the database. if they
dont match, it may have been tampered.
But the issue is, having them in the database will have a big performance
hit if this was a real application. (because for every request it open a
file
hash it, then go to db retrieve old hash compare etc...)
So I was thinking wether I can have a memory store kind of a thing
but only accessible for my assembly (which does the hash verificaiton)
If I can have it then at the beginning, I can load all the old hashes to
that
memory location and compare (at least it will stop querying the db for
every request)
Even though .NET have a isolatedstorage it is for files. Can anybody
give me some suggestions?
regards
KK