Oldest pages

From Guidance Share

Showing below up to 250 results starting with #1.

  1. ASP.NET 1.1 Performance Checklist ‎(00:00, 1 January 1970)
  2. ASP.NET 2.0 Code Examples ‎(00:00, 1 January 1970)
  3. What's new in ASP.NET 2.0 in terms of Authentication? ‎(00:00, 1 January 1970)
  4. How do I decide my Authentication strategy in ASP.NET? ‎(00:00, 1 January 1970)
  5. How do I use Forms Authentication with SQL Server database? ‎(00:00, 1 January 1970)
  6. How do I use Forms Authentication with Active Directory? ‎(00:00, 1 January 1970)
  7. How do I enable Forms Authentication to work with multiple Active Directory domains? ‎(00:00, 1 January 1970)
  8. How do I protect Forms Authentication? ‎(00:00, 1 January 1970)
  9. How do I enforce strong passwords using membership feature in ASP.NET 2.0 ‎(00:00, 1 January 1970)
  10. How do I protect passwords in user store? ‎(00:00, 1 January 1970)
  11. What are the issues with Forms Authentication in Web Farm Scenario? ‎(00:00, 1 January 1970)
  12. How do I implement single sign on using forms authentication? ‎(00:00, 1 January 1970)
  13. How do I use my custom user / identity store with forms authentication? ‎(00:00, 1 January 1970)
  14. How do I configure account lockout using membership feature in ASP.Net 2.0? ‎(00:00, 1 January 1970)
  15. When and how do I use windows authentication in ASP.NET 2.0? ‎(00:00, 1 January 1970)
  16. When and how do I use Kerberos authentication in ASP.NET 2.0? ‎(00:00, 1 January 1970)
  17. What's new in ASP.NET 2.0 in terms of Authorization? ‎(00:00, 1 January 1970)
  18. What is the difference between URL authorization, File authorization and Role authorization?? ‎(00:00, 1 January 1970)
  19. How do I use URL Authorization in ASP.NET 2.0? ‎(00:00, 1 January 1970)
  20. How do I use File Authorization in ASP.NET 2.0? ‎(00:00, 1 January 1970)
  21. How do I use Role Authorization in ASP.NET 2.0? ‎(00:00, 1 January 1970)
  22. How is the AuthorizationStoreRoleProvider different from Authorization Manager APIs? ‎(00:00, 1 January 1970)
  23. How do I use Windows Groups for role authorization in ASP.NET 2.0? ‎(00:00, 1 January 1970)
  24. How do I use my custom role store for roles authorization? ‎(00:00, 1 January 1970)
  25. How do I cache roles in ASP.NET 2.0? ‎(00:00, 1 January 1970)
  26. How do I protect authorization cookie when using role caching in ASP.NET 2.0? ‎(00:00, 1 January 1970)
  27. How do I lock authorization settings? ‎(00:00, 1 January 1970)
  28. How do I use RoleManager in my application? ‎(00:00, 1 January 1970)
  29. ASP.NET 2.0 Security FAQs ‎(00:00, 1 January 1970)
  30. How do I use the Health monitoring feature in ASP.NET 2.0? ‎(00:00, 1 January 1970)
  31. What's new in ASP.NET 2.0 in terms of Auditing and Logging? ‎(00:00, 1 January 1970)
  32. What security events does health monitoring log by default? ‎(00:00, 1 January 1970)
  33. How do I instrument my application for security? ‎(00:00, 1 January 1970)
  34. When writing to a new event source from my ASP.NET application running under the Network service security context, I get registry permission exception. Why is this and how do I correct this ‎(00:00, 1 January 1970)
  35. How do I protect audit and log files? ‎(00:00, 1 January 1970)
  36. What's new in ASP.NET 2.0 in terms of Code Access Security? ‎(00:00, 1 January 1970)
  37. How do I use code access security with ASP.NET? ‎(00:00, 1 January 1970)
  38. How do I create a custom trust level for ASP.NET? ‎(00:00, 1 January 1970)
  39. What are the permissions at the various trust levels? ‎(00:00, 1 January 1970)
  40. How do I write partial trust applications? ‎(00:00, 1 January 1970)
  41. When should I put assemblies in GAC, what are security implications? ‎(00:00, 1 January 1970)
  42. When do I use impersonation in ASP.NET 2.0? ‎(00:00, 1 January 1970)
  43. How do I impersonate the original caller? ‎(00:00, 1 January 1970)
  44. How do I temporarily impersonate the original caller? ‎(00:00, 1 January 1970)
  45. How do I impersonate a specific (fixed) identity? ‎(00:00, 1 January 1970)
  46. When should I use programmatic impersonation? ‎(00:00, 1 January 1970)
  47. How do I use programmatic impersonation? ‎(00:00, 1 January 1970)
  48. What is protocol transition and when do I care? ‎(00:00, 1 January 1970)
  49. What is Constrained Delegation? ‎(00:00, 1 January 1970)
  50. How can I retain impersonation in the new thread created from ASP.NET application? ‎(00:00, 1 January 1970)
  51. How do I flow the original user identity to different layers? ‎(00:00, 1 January 1970)
  52. Can impersonation be used with Forms authentication? ‎(00:00, 1 January 1970)
  53. What are the requirements for using Kerberos delegation? ‎(00:00, 1 January 1970)
  54. What does a secure web.config look like? ‎(00:00, 1 January 1970)
  55. How do I encrypt sensitive data in machine.config or web.config file? ‎(00:00, 1 January 1970)
  56. How do I run an ASP.NET application with a particular identity? ‎(00:00, 1 January 1970)
  57. How do I create a service account for running my ASP.NET applications? ‎(00:00, 1 January 1970)
  58. Do I need to create a unique user account for each application pool? ‎(00:00, 1 January 1970)
  59. How do I lock configuration settings? ‎(00:00, 1 January 1970)
  60. How do I handle exceptions securely? ‎(00:00, 1 January 1970)
  61. How do I prevent detailed errors from returning to the client? ‎(00:00, 1 January 1970)
  62. How do I use structured exception handling? ‎(00:00, 1 January 1970)
  63. How do I setup a global exception handler for my application? ‎(00:00, 1 January 1970)
  64. How do I enable my ASP.NET application to write to new event source? ‎(00:00, 1 January 1970)
  65. How do I protect the database connection strings in web.config file? ‎(00:00, 1 January 1970)
  66. How do I use windows authentication for connecting to SQL server? ‎(00:00, 1 January 1970)
  67. How do I use SQL authentication for connecting to SQL server? ‎(00:00, 1 January 1970)
  68. When using Windows authentication, how can I give the default ASP.NET worker process access to a remote database server? ‎(00:00, 1 January 1970)
  69. What are the types of input I need to validate in my ASP.NET application? ‎(00:00, 1 January 1970)
  70. How do I validate input in server-side controls? ‎(00:00, 1 January 1970)
  71. How do I validate input in HTML controls, QueryString, cookies, and HTTP headers? ‎(00:00, 1 January 1970)
  72. What is SQL injection and how do I protect my application from SQL injection attacks? ‎(00:00, 1 January 1970)
  73. What is cross-site scripting and how do I protect my ASP.NET application from it? ‎(00:00, 1 January 1970)
  74. How do I protect my web application's ViewState? ‎(00:00, 1 January 1970)
  75. What care should I take when securing ViewState in a web farm scenario? ‎(00:00, 1 January 1970)
  76. How do I protect sensitive data in the database? ‎(00:00, 1 January 1970)
  77. How do I protect sensitive data in configuration files? ‎(00:00, 1 January 1970)
  78. How do I protect sensitive data in memory? ‎(00:00, 1 January 1970)
  79. How do I protect passwords? ‎(00:00, 1 January 1970)
  80. How do I secure Session State information? ‎(00:00, 1 January 1970)
  81. How do I strong-name an ASP.NET application assembly? ‎(00:00, 1 January 1970)
  82. How do I delay sign an ASP.NET application assembly? ‎(00:00, 1 January 1970)
  83. When should I use .pfx files? ‎(00:00, 1 January 1970)
  84. When should I pre-compile my ASP.NET application? ‎(00:00, 1 January 1970)
  85. How do I pre-compile my ASP.NET application? ‎(00:00, 1 January 1970)
  86. How do I strong name an ASP.NET application? ‎(00:00, 1 January 1970)
  87. How do I Sign .Net assemblies with Authenticode signature? ‎(00:00, 1 January 1970)
  88. How should I prevent someone from disassembling code? ‎(00:00, 1 January 1970)
  89. How do I set up a SQL Server or SQL Express database for Membership, Profiles and Role Management? ‎(00:00, 1 January 1970)
  90. Guidance ‎(00:00, 1 January 1970)
  91. Audit and log access across application tiers. ‎(00:00, 1 January 1970)
  92. Consider identity flow. ‎(00:00, 1 January 1970)
  93. Log key events. ‎(00:00, 1 January 1970)
  94. Back up and analyze log files regularly. ‎(00:00, 1 January 1970)
  95. Separate public and restricted areas. ‎(00:00, 1 January 1970)
  96. Use account lockout policies for end-user accounts. ‎(00:00, 1 January 1970)
  97. Support password expiration periods. ‎(00:00, 1 January 1970)
  98. Be able to disable accounts. ‎(00:00, 1 January 1970)
  99. Do not store passwords in user stores. ‎(00:00, 1 January 1970)
  100. Require strong passwords. ‎(00:00, 1 January 1970)
  101. Do not send passwords over the wire in plaintext. ‎(00:00, 1 January 1970)
  102. Protect authentication cookies. ‎(00:00, 1 January 1970)
  103. Use multiple gatekeepers. ‎(00:00, 1 January 1970)
  104. Restrict user access to system-level resources. ‎(00:00, 1 January 1970)
  105. Consider authorization granularity. ‎(00:00, 1 January 1970)
  106. Protect your administration interfaces. ‎(00:00, 1 January 1970)
  107. Protect your configuration store. ‎(00:00, 1 January 1970)
  108. Maintain separate administration privileges. ‎(00:00, 1 January 1970)
  109. Use least privileged process and service accounts. ‎(00:00, 1 January 1970)
  110. Do not develop your own cryptography. ‎(00:00, 1 January 1970)
  111. Keep unencrypted data close to the algorithm. ‎(00:00, 1 January 1970)
  112. Use the correct algorithm and correct key size. ‎(00:00, 1 January 1970)
  113. Protect your encryption keys. ‎(00:00, 1 January 1970)
  114. Do not leak information to the client. ‎(00:00, 1 January 1970)
  115. Log detailed error messages. ‎(00:00, 1 January 1970)
  116. Catch exceptions. ‎(00:00, 1 January 1970)
  117. Assume all input is malicious. ‎(00:00, 1 January 1970)
  118. Centralize your approach. ‎(00:00, 1 January 1970)
  119. Do not rely on client-side validation. ‎(00:00, 1 January 1970)
  120. Be careful with canonicalization issues. ‎(00:00, 1 January 1970)
  121. Constrain, reject, and sanitize your input. ‎(00:00, 1 January 1970)
  122. Encrypt sensitive cookie state. ‎(00:00, 1 January 1970)
  123. Make sure that users do not bypass your checks. ‎(00:00, 1 January 1970)
  124. Validate all values sent from the client. ‎(00:00, 1 January 1970)
  125. Do not trust HTTP header information. ‎(00:00, 1 January 1970)
  126. Do not store secrets if you can avoid it. ‎(00:00, 1 January 1970)
  127. Do not store secrets in code. ‎(00:00, 1 January 1970)
  128. Do not store database connections, passwords, or keys in plaintext. ‎(00:00, 1 January 1970)
  129. Avoid storing secrets in the Local Security Authority (LSA). ‎(00:00, 1 January 1970)
  130. Use Data Protection API (DPAPI) for encrypting secrets. ‎(00:00, 1 January 1970)
  131. Retrieve sensitive data on demand. ‎(00:00, 1 January 1970)
  132. Encrypt the data or secure the communication channel. ‎(00:00, 1 January 1970)
  133. Do not store sensitive data in persistent cookies. ‎(00:00, 1 January 1970)
  134. Do not pass sensitive data using the HTTP-GET protocol. ‎(00:00, 1 January 1970)
  135. Use SSL to protect session authentication cookies. ‎(00:00, 1 January 1970)
  136. Encrypt the contents of the authentication cookies. ‎(00:00, 1 January 1970)
  137. Limit session lifetime. ‎(00:00, 1 January 1970)
  138. Protect session state from unauthorized access. ‎(00:00, 1 January 1970)
  139. Engineering Practices Overview ‎(00:00, 1 January 1970)
  140. Test page g ‎(00:00, 1 January 1970)
  141. Test page g2 ‎(00:00, 1 January 1970)
  142. Validate User Input with Regular Expressions - C ‎(00:00, 1 January 1970)
  143. Use Windows authentication ‎(00:00, 1 January 1970)
  144. Protect the credentials for SQL authentication ‎(00:00, 1 January 1970)
  145. Connect using a least privileged account ‎(00:00, 1 January 1970)
  146. Restrict unauthorized callers ‎(00:00, 1 January 1970)
  147. Restrict unauthorized code ‎(00:00, 1 January 1970)
  148. Restrict the application in the database ‎(00:00, 1 January 1970)
  149. Secure your connection strings ‎(00:00, 1 January 1970)
  150. Secure UDL files with restricted ACLs ‎(00:00, 1 January 1970)
  151. Firewall restrictions ‎(00:00, 1 January 1970)
  152. Connection string management ‎(00:00, 1 January 1970)
  153. Login account configuration ‎(00:00, 1 January 1970)
  154. Logon auditing ‎(00:00, 1 January 1970)
  155. Data privacy and integrity on the network ‎(00:00, 1 January 1970)
  156. Use least privileged accounts ‎(00:00, 1 January 1970)
  157. Use stored procedures ‎(00:00, 1 January 1970)
  158. Protect sensitive data in storage ‎(00:00, 1 January 1970)
  159. Use separate data access assemblies ‎(00:00, 1 January 1970)
  160. Trap and log ADO.NET exceptions ‎(00:00, 1 January 1970)
  161. Ensure database connections are always closed ‎(00:00, 1 January 1970)
  162. Use a generic error page in your ASP.NET applications ‎(00:00, 1 January 1970)
  163. Constrain input ‎(00:00, 1 January 1970)
  164. Use type safe SQL parameters ‎(00:00, 1 January 1970)
  165. Use Parameter Batching ‎(00:00, 1 January 1970)
  166. Use Escape Routines ‎(00:00, 1 January 1970)
  167. Encrypt sensitive data if you need to store it ‎(00:00, 1 January 1970)
  168. Secure sensitive data over the network ‎(00:00, 1 January 1970)
  169. Store password hashes with salt ‎(00:00, 1 January 1970)
  170. Create application specific event source ‎(00:00, 1 January 1970)
  171. Partition your Web site ‎(00:00, 1 January 1970)
  172. Secure restricted pages with SSL ‎(00:00, 1 January 1970)
  173. Use URL Authorization ‎(00:00, 1 January 1970)
  174. Secure the authentication cookie ‎(00:00, 1 January 1970)
  175. Use absolute URLs for navigation ‎(00:00, 1 January 1970)
  176. Use secure credential management ‎(00:00, 1 January 1970)
  177. Validate Input ‎(00:00, 1 January 1970)
  178. Encode Output ‎(00:00, 1 January 1970)
  179. Set the correct character encoding ‎(00:00, 1 January 1970)
  180. Use the ASP.NET validateRequest option ‎(00:00, 1 January 1970)
  181. Install URLScan on your Web server ‎(00:00, 1 January 1970)
  182. Use the HttpOnly cookie option ‎(00:00, 1 January 1970)
  183. Use the frame security attribute ‎(00:00, 1 January 1970)
  184. Use the innerText property ‎(00:00, 1 January 1970)
  185. Use URL authorization for page and directory access control ‎(00:00, 1 January 1970)
  186. Use File authorization with Windows authentication ‎(00:00, 1 January 1970)
  187. Use principal demands on classes and methods ‎(00:00, 1 January 1970)
  188. Use explicit role checks for fine-grained authorization ‎(00:00, 1 January 1970)
  189. Use server-side input validation ‎(00:00, 1 January 1970)
  190. Consider the identity that is used for resource access ‎(00:00, 1 January 1970)
  191. Protect credentials and authentication tickets ‎(00:00, 1 January 1970)
  192. Fail securely ‎(00:00, 1 January 1970)
  193. Consider authorization granularity ‎(00:00, 1 January 1970)
  194. Place Web controls and user controls in separate assemblies ‎(00:00, 1 January 1970)
  195. Place resource access code in a separate assembly ‎(00:00, 1 January 1970)
  196. Return generic error pages to the client ‎(00:00, 1 January 1970)
  197. Implement page-level or application-level error handlers ‎(00:00, 1 January 1970)
  198. Impersonate original caller only when required ‎(00:00, 1 January 1970)
  199. Use Programmatic Impersonation ‎(00:00, 1 January 1970)
  200. Constrain, Then Sanitize ‎(00:00, 1 January 1970)
  201. Use Regular Expressions for Input Validation ‎(00:00, 1 January 1970)
  202. Sanitize Input ‎(00:00, 1 January 1970)
  203. Validate HTML Controls ‎(00:00, 1 January 1970)
  204. Validate Input Used for Data Access ‎(00:00, 1 January 1970)
  205. Validate Input Used For File I/O ‎(00:00, 1 January 1970)
  206. Avoid storing sensitive data in view state ‎(00:00, 1 January 1970)
  207. Protect view state with MACs ‎(00:00, 1 January 1970)
  208. Use Page.ViewStateUserKey to counter one-click attacks ‎(00:00, 1 January 1970)
  209. Maintain sensitive data on the server ‎(00:00, 1 January 1970)
  210. Validate input parameters ‎(00:00, 1 January 1970)
  211. Do not pass sensitive data from page to page ‎(00:00, 1 January 1970)
  212. Avoid plain text passwords in configuration files ‎(00:00, 1 January 1970)
  213. Protect sensitive data over the wire ‎(00:00, 1 January 1970)
  214. Do not cache sensitive data ‎(00:00, 1 January 1970)
  215. Require authentication for sensitive pages ‎(00:00, 1 January 1970)
  216. Do not rely on client-side state management options ‎(00:00, 1 January 1970)
  217. Do not mix session tokens and authentication tokens ‎(00:00, 1 January 1970)
  218. Use SSL effectively ‎(00:00, 1 January 1970)
  219. Secure the session data ‎(00:00, 1 January 1970)
  220. Software Engineering Practices Overview ‎(00:00, 1 January 1970)
  221. Network Eavesdropping Attack ‎(00:00, 1 January 1970)
  222. Response Splitting Attack ‎(00:00, 1 January 1970)
  223. Server-side Code Injection Attack ‎(00:00, 1 January 1970)
  224. Attack Template ‎(00:00, 1 January 1970)
  225. Authentication, Authorization and Trust Vulnerabilities ‎(00:00, 1 January 1970)
  226. Weak Password Systems ‎(00:00, 1 January 1970)
  227. Cryptography and Secrets Vulnerabilities ‎(00:00, 1 January 1970)
  228. Failure to Follow Chain of Trust in Certificate Validation ‎(00:00, 1 January 1970)
  229. Key Exchange Without Entity Authentication ‎(00:00, 1 January 1970)
  230. Failure to Validate Host-Specific Certificate Data ‎(00:00, 1 January 1970)
  231. Failure to Check for Certificate Revocation ‎(00:00, 1 January 1970)
  232. Failure to Add Integrity Check Value ‎(00:00, 1 January 1970)
  233. Failure to Check Integrity Check Value ‎(00:00, 1 January 1970)
  234. Use of Hard Coded Cryptographic Key ‎(00:00, 1 January 1970)
  235. Storing Passwords in a Recoverable Format ‎(00:00, 1 January 1970)
  236. Using a Broken or Risky Cryptographic Algorithm ‎(00:00, 1 January 1970)
  237. Not Using a Random IV with CBC Mode ‎(00:00, 1 January 1970)
  238. Cross-site Scripting ‎(00:00, 1 January 1970)
  239. Command Injection ‎(00:00, 1 January 1970)
  240. SQL Injection ‎(00:00, 1 January 1970)
  241. Deserialization of Untrusted Data ‎(00:00, 1 January 1970)
  242. Input Validation Vulnerabilities ‎(00:00, 1 January 1970)
  243. Language Feature Misuse Vulnerabilities ‎(00:00, 1 January 1970)
  244. Failure to Protect Class Data with Accessors ‎(00:00, 1 January 1970)
  245. Logic Errors Vulnerabilities ‎(00:00, 1 January 1970)
  246. Covert Storage Channel ‎(00:00, 1 January 1970)
  247. Invoking Untrusted Mobile Code ‎(00:00, 1 January 1970)
  248. Info Disclosure Through Error Messages ‎(00:00, 1 January 1970)
  249. Info Disclosure Through Data Queries ‎(00:00, 1 January 1970)
  250. Ignored Function Return Value ‎(00:00, 1 January 1970)
