You are here: silicon.com > Resources > White Papers > Security > Security Administration > Security Management

Security Management White Papers

Eliminate SQL Injection Attacks Painlessly With LINQ

Overview As developers assume more of the security burden, the first web application vulnerability that many developers learn about is a particularly dangerous form of command injection known as SQL injection. Because it's so well-known, SQL injection attacks are common, dangerous, and pervasive. Fortunately, developers can prevent SQL injection easily once they understand the problem. Even better, a new Microsoft data access technology offers .NET developers the opportunity to eliminate SQL injection vulnerabilities altogether - when used properly. That technology is called Language INtegrated Query (LINQ), and it will ship in the upcoming release of Visual Studio "Orcas" and .NET Framework 3.5. This paper explores LINQ's potential for hardening the web application's data access code so that it's impossible to attack through SQL Injection.

Further White Paper Details
Publisher	Jupitermedia	File Format	HTML
Date Published	May 2007	Downloads	3
Format	White Papers
Topics	Security Management, .NET, Application Development

Did you find this white paper useful? 1 out of 1 users found this white paper useful

Balancing Security Against Productivity

Publisher:
Novell

Novell Zenworks Endpoint Security Management: Total Control from a Single Console

Publisher:
Novell

Secure Desktop On-Demand Webcast

Publisher:
Novell

NAC 2.0: A new model for a more secure future

Publisher:
Sophos

Ethical Hacking and Risk Assessments

Publisher:
Global Knowledge

Three security threats you'll never have heard of

Security expert Wray said although most companies are aware of viruses, worms, Trojans and Denial of Service (DOS) attacks, many IT departments have never heard of such threats as input validation attacks, SQL injection or reverse channel Trojans.

Channel:
Security Strategy

Slammer time - SQL worm brings net to its knees over weekend

This will prevent external attacks from exploiting the vulnerability. Suppose there were two SQL Servers with the vulnerability, Server 1 and Server 2. It was a vulnerability. SQL Slammer's code instructs the Microsoft SQL Server to go into an...

Channel:
Security Strategy

Hackers preying on patching headache

A technique known as SQL injection is also a problem that leaves many companies exposed, according to dryice - who also now works in the IT industry. Here they reveal how businesses are still leaving themselves woefully exposed to even the most...

Microsoft game for plugging two security flaws

The vulnerability in the viewer could allow an attacker to delete and modify files on the victim's system. The two flaws are ranked as "moderate," the software giant's second-lowest grade for security vulnerabilities.

Channel:
Security Strategy

Web server worm threatens Linux systems

The worm exploits three vulnerabilities to propagate the XML-RPC for PHP Remote Code Injection vulnerability; AWStats Rawlog Plugin Logfile Parameter Input Validation vulnerability; and Darryl Burgdorf's Webhints Remote Command Execution...

Channel:
Malware
Tags:
worm,
viruses worms,
linux

Three dire Windows holes patched

Amol Sarwate, a research manager at vulnerability management company Qualys, said: "While we see Microsoft making an attempt to patch zero-day vulnerabilities, they are still struggling to keep up with the continuous influx of zero-day attacks.

Virtualisation: Architectual Considerations and other Evaluation Criteria

In the past several years, server virtualisation technology has moved quickly and firmly into the IT mainstream. Of the many approaches to system virtualisation available in the market today, VMware's hypervisor architecture has gained the greatest market acceptance. This paper examines the architectural issues, solution support, and enterprise readiness required when deploying such a virtualisation solution.

Publisher:
EMC

Getting Started with Master Data Management

Master data management forms part of an overall enterprise governance program that aims to establish trusted data throughout the enterprise. This white paper from Mike Ferguson of Intelligent Business Strategies defines master data, examines why it is needed, and explores methodologies for implementing master data management.

Publisher:
DataFlux

Optimising Storage with Global File Virtualisation

This white paper will provide an overview on how Rainfinity Global File Virtualisation virtualises unstructured data environments and moves data -including active, open files-without disruption to users or applications. Rainfinity is the only enterprise-class file virtualisation solution, and delivers complete NAS optimisation across geterogeneous environments, such as NAS, CAS, and file servers.

Publisher:
EMC

Also on silicon.com

Site Navigation:

Security Management White Papers

Eliminate SQL Injection Attacks Painlessly With LINQ

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific