Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The useful list of documentation and guidelines on ASP.NET 2.0 and SQL Server 2005 (this is updated list as the old lists addresses have been changed)
Reference: patterns & practices Security How Tos Index
ASP.NET 2.0
- How To: Configure the Machine Key in ASP.NET 2.0
- How To: Connect to SQL Server Using SQL Authentication in ASP.NET 2.0
- How To: Connect to SQL Server Using Windows Authentication in ASP.NET 2.0
- How To: Create a Service Account for an ASP.NET 2.0 Application
- How To: Encrypt Configuration Sections in ASP.NET 2.0 Using DPAPI
- How To: Encrypt Configuration Sections in ASP.NET 2.0 Using RSA
- How To: Instrument ASP.NET 2.0 Applications for Security
- How To: Improve Security When Hosting Multiple Applications in ASP.NET 2.0
- How To: Perform a Security Deployment Review for ASP.NET 2.0
- How To: Prevent Cross-Site Scripting in ASP.NET
- How To: Protect Forms Authentication in ASP.NET 2.0
- How To: Protect From Injection Attacks in ASP.NET
- How To: Protect From SQL Injection in ASP.NET
- How To: Use ADAM for Roles in ASP.NET 2.0
- How To: Use Authorization Manager (AzMan) with ASP.NET 2.0
- How To: Use Code Access Security in ASP.NET 2.0
- How To: Use Forms Authentication with Active Directory in ASP.NET 2.0
- How To: Use Forms Authentication with Active Directory in Multiple Domains in ASP.NET 2.0
- How To: Use Forms Authentication with SQL Server in ASP.NET 2.0
- How To: Use Health Monitoring in ASP.NET 2.0
- How To: Use Impersonation and Delegation in ASP.NET 2.0
- How To: Use Medium Trust in ASP.NET 2.0
- How To: Use Membership in ASP.NET 2.0
- How To: Use the Network Service Account to Access Resources in ASP.NET
- How To: Use Protocol Transition and Constrained Delegation in ASP.NET 2.0
- How To: Use Regular Expressions to Constrain Input in ASP.NET
- How To: Use Role Manager in ASP.NET 2.0
- How To: Use Windows Authentication in ASP.NET 2.0
Authentication and Authorization
- How To: Connect to SQL Server Using SQL Authentication in ASP.NET 2.0
- How To: Connect to SQL Server Using Windows Authentication in ASP.NET 2.0
- How To: Create GenericPrincipal Objects with Forms Authentication
- How To: Protect Forms Authentication in ASP.NET 2.0
- How To: Use Authorization Manager (AzMan) with ASP.NET 2.0
- How To: Use Forms Authentication with Active Directory
- How To: Use Forms Authentication with Active Directory in ASP.NET 2.0
- How To: Use Forms Authentication with Active Directory in Multiple Domains in ASP.NET 2.0
- How To: Use Forms Authentication with SQL Server 2000
- How To: Use Forms Authentication with SQL Server in ASP.NET 2.0
- How To: Use Windows Authentication in ASP.NET 2.0
Code Access Security
- How To: Create a Custom Encryption Permission
- How To: Use Code Access Security in ASP.NET 2.0
- How To: Use Code Access Security Policy to Constrain an Assembly
Code Review
Communications Security
- How To: Call a Web Service Using Client Certificates from ASP.NET
- How To: Call a Web Service Using SSL
- How To: Set Up SSL on a Web Server
- How To: Set Up Client Certificates
- How To: Use IPSec for Filtering Ports and Authentication
- How To: Use IPSec to Provide Secure Communication Between Two Servers
- How To: Use SSL to Secure Communication with SQL Server 2000
Configuration
- How To: Create a Custom Account To Run ASP.NET
- How To: Encrypt Configuration Sections in ASP.NET 2.0 Using DPAPI
- How To: Encrypt Configuration Sections in ASP.NET 2.0 Using RSA
Cryptography
- How To: Create a DPAPI Library
- How To: Create an Encryption Library
- How To: Store an Encrypted Connection String in the Registry
- How To: Use DPAPI (Machine Store) from ASP.NET
- How To: Use DPAPI (User Store) from ASP.NET with Enterprise Services
Deployment Review
Enterprise Services (.NET Framework 1.1)
Impersonation and Delegation
- How To: Implement Kerberos Delegation for Windows 2000
- How To: Use Impersonation and Delegation in ASP.NET 2.0
Input and Data Validation
- How To: Prevent Cross-Site Scripting in ASP.NET
- How To: Protect From Injection Attacks in ASP.NET
- How To: Protect From SQL Injection in ASP.NET
- How To: Use Regular Expressions to Constrain Input in ASP.NET
Patching and Updating
SQL Server 2000
- How To: Connect to SQL Server Using SQL Authentication in ASP.NET 2.0
- How To: Connect to SQL Server Using Windows Authentication in ASP.NET 2.0
- How To: Protect From SQL Injection in ASP.NET
- How To: Use Forms Authentication with SQL Server in ASP.NET 2.0
- How To: Use SSL to Secure Communication with SQL Server 2000
Threat Modeling
Web Services (.NET Framework 1.1)
- How To: Call a Web Service Using Client Certificates from ASP.NET
- How To: Call a Web Service Using SSL
A Through Z
- How To: Call a Web Service Using Client Certificates from ASP.NET
- How To: Call a Web Service Using SSL
- How To: Create a Custom Account to Run ASP.NET
- How To: Create a Custom Encryption Permission
- How To: Create a DPAPI Library
- How To: Create an Encryption Library
- How To: Create GenericPrincipal Objects with Forms Authentication
- How To: Configure the Machine Key in ASP.NET 2.0
- How To: Connect to SQL Server Using SQL Authentication in ASP.NET 2.0
- How To: Connect to SQL Server Using Windows Authentication in ASP.NET 2.0
- How To: Create a Service Account for an ASP.NET 2.0 Application
- How To: Create a Threat Model for a Web Application at Design Time
- How To: Encrypt Configuration Sections in ASP.NET 2.0 Using DPAPI
- How To: Encrypt Configuration Sections in ASP.NET 2.0 Using RSA
- How To: Harden the TCP/IP Stack
- How To: Host a Remote Object in a Windows Service
- How To: Implement IPrincipal
- How To: Implement Kerberos Delegation for Windows 2000
- How To: Implement Patch Management
- How To: Improve Security When Hosting Multiple Applications in ASP.NET 2.0
- How To: Instrument ASP.NET 2.0 Applications for Security
- How To: Perform a Security Code Review for Managed Code (Baseline Activity)
- How To: Perform a Security Deployment Review for ASP.NET 2.0
- How To: Prevent Cross-Site Scripting in ASP.NET
- How To: Protect Forms Authentication in ASP.NET 2.0
- How To: Protect From Injection Attacks in ASP.NET
- How To: Protect From SQL Injection in ASP.NET
- How To: Secure Your Developer Workstation
- How To: Set Up SSL on a Web Server
- How To: Set Up Client Certificates
- How To: Store an Encrypted Connection String in the Registry
- How To: Use ADAM for Roles in ASP.NET 2.0
- How To: Use Authorization Manager (AzMan) with ASP.NET 2.0
- How To: Use Code Access Security in ASP.NET 2.0
- How To: Use Code Access Security Policy to Constrain an Assembly
- How To: Use DPAPI (Machine Store) from ASP.NET
- How To: Use DPAPI (User Store) from ASP.NET with Enterprise Services
- How To: Use Forms Authentication with Active Directory
- How To: Use Forms Authentication with Active Directory in ASP.NET 2.0
- How To: Use Forms Authentication with Active Directory in Multiple Domains in ASP.NET 2.0
- How To: Use Forms Authentication with SQL Server 2000
- How To: Use Forms Authentication with SQL Server in ASP.NET 2.0
- How To: Use Health Monitoring in ASP.NET 2.0
- How To: Use IISLockdown.exe
- How To: Use Impersonation and Delegation in ASP.NET 2.0
- How To: Use IPSec for Filtering Ports and Authentication
- How To: Use IPSec to Provide Secure Communication Between Two Servers
- How To: Use Medium Trust in ASP.NET 2.0
- How To: Use Membership in ASP.NET 2.0
- How To: Use the Network Service Account to Access Resources in ASP.NET
- How To: Use Protocol Transition and Constrained Delegation in ASP.NET 2.0
- How To: Use Regular Expressions to Constrain Input in ASP.NET
- How To: Use Role-based Security with Enterprise Services
- How To: Use Role Manager in ASP.NET 2.0
- How To: Use SSL to Secure Communication with SQL Server 2000
- How To: Use URLScan
- How To: Use Windows Authentication in ASP.NET 2.0
Comments
- Anonymous
October 03, 2007
PingBack from http://www.artofbam.com/wordpress/?p=4997