rtp
I am doing rigorous security testing on a web application written in ASP.NET Forms; I am using EF and LINQ for data fetching.
So I was silly enough to try some SQL injection (I used to be a PHP developer, which explains that; nice excuse) and some XSS injection, and I was really surprised at how well ASP.NET handles security. I only found one vulnerability, which was a non-persistent XSS injection, and fixed that using escape() in JavaScript.
My main questions (specifically for ASP.NET):
1- Is there such a thing as LINQ injection?
2- Any tips and tricks on security things I should look for in general?
3- I love security, feed me anything!
scorpioxy
As far as I know:
1- You mean SQL injection for LINQ? No. If you use LINQ to SQL or any other popular ORM or ORM-like tool, then you should be OK with regard to that class of attack.
2- Nothing specific to ASP.NET, except the regular ones you would normally take care of when using any web-facing technology. In bullet form:
- validate your user input depending on your business logic; fail when something doesn't look right
- clean your user input, especially anything that will be displayed back in the browser
- use a whitelist instead of a blacklist for critical apps
- enforce multiple layers of security, e.g. separate database users for separate apps and limit their abilities; also, obviously, make sure your network infrastructure is secure. There is lots to talk about here, but I hope you get what I mean
- do code audits on critical pieces of your application with more experienced developers; sometimes a fresh pair of eyes will see something you didn't
- from a business perspective, investing in security is related to how high-value a target you are. So do whatever you need to, but not more.
These are some things off the top of my head. They're generic unless you have some specific questions...
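To make the two points above concrete (LINQ queries are parameterised by the ORM; whitelist validation and output encoding cover what is echoed back), here is an added C# example for Entity Framework 6. It is not code from either poster; the User entity, AppContext and the regex pattern are assumptions chosen for illustration.

```csharp
using System;
using System.Data.Entity;          // Entity Framework 6 (assumed version)
using System.Data.SqlClient;
using System.Linq;
using System.Text.RegularExpressions;
using System.Web;

// Hypothetical entity and context, not from the original thread.
public class User
{
    public int Id { get; set; }
    public string Name { get; set; }
}

public class AppContext : DbContext
{
    public DbSet<User> Users { get; set; }
}

public static class UserLookup
{
    // Whitelist: usernames are letters, digits, '_' or '-', 1 to 32 characters.
    // Anything else fails fast ("fail when something doesn't look right").
    static readonly Regex UserNamePattern = new Regex("^[A-Za-z0-9_-]{1,32}$");

    public static bool IsValidUserName(string input)
    {
        return input != null && UserNamePattern.IsMatch(input);
    }

    // LINQ to Entities: the lambda becomes an expression tree and EF sends
    // 'name' as a SQL parameter, so the value is never spliced into SQL text.
    public static User FindByLinq(AppContext db, string name)
    {
        if (!IsValidUserName(name)) throw new ArgumentException("rejected input");
        return db.Users.FirstOrDefault(u => u.Name == name);
    }

    // If raw SQL is unavoidable, keep the same property by passing a SqlParameter
    // instead of concatenating 'name' into the query string.
    public static User FindByRawSql(AppContext db, string name)
    {
        if (!IsValidUserName(name)) throw new ArgumentException("rejected input");
        return db.Database
                 .SqlQuery<User>("SELECT Id, Name FROM Users WHERE Name = @name",
                                 new SqlParameter("@name", name))
                 .FirstOrDefault();
    }

    // HTML-encode on the server anything that is displayed back in the browser.
    public static string RenderGreeting(User u)
    {
        return "Hello, " + HttpUtility.HtmlEncode(u.Name);
    }
}
```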