Developing More-Secure Microsoft ASP.NET 2.0 Applications
| |||||||||||||||||||||||||||||
|
| |||||||||||||||||||||||||||||
| Sort customer reviews by: | |||||||||||||||||||||||||||||
|
Show All Reviews on Page
Hide All Reviews on Page
| |||||||||||||||||||||||||||||
| Developing More-Secure Microsoft ASP.NET 2.0 Applications | |||||||||||||||||||||||||||||
|
Get hands-on, expert guidance for developing more secure Web applications with ASP.NET 2.0 with this in-depth reference. The nature of the Web and its underlying communication protocols make Web applications harder to secure and, therefore, primary targets for hacking attacks and other kinds of compromises. This book guides you through the possible vulnerabilities of Web-based applications and shows you how to help mitigate them in your own applications. Start with the ingredients of security-enhanced Web applications from the ground up, beginning with Web server set-up, and learn how to harden that machine for a potentially hostile environment such as the Internet. Then move on to in-depth treatment of crucial topics such as how to use ASP.NET to perform proper input validation; choosing from the numerous options for authenticating and authorizing users; how to store application-related and user-related sensitive data in a secure fashion; how to incorporate detection; and error logging measures. This guide covers how to integrate ASP.NET into the Microsoft Windows- security infrastructure and how to effectively use impersonation, delegation, and Active Directory- directory service. You will also learn about new Microsoft Windows Server#153; 2003 features, such as constrained delegation and protocol transition. Coverage extends to one of the most underutilized features of ASP.NET#151;running in partial trust. The book concludes with guidance on how to conduct audits and penetration tests and how to integrate them in the development process. Written by a leading authority and trainer, this reference comes complete with best practices based on real-world experience and extensive code samples in C#.
|
|||||||||||||||||||||||||||||
| Reader Reviews 1 - 6 of 6 | |||||||||||||||||||||||||||||
| Review Date |
Review Rating(5 High) |
Review Helpful to: |
Customer Review | Reviewer Info |
Permanent Link |
||||||||||||||||||||||||
| Reader Reviews Below Sorted by Newest First | |||||||||||||||||||||||||||||
| 11-22-08 | 5 | (NA) |
| Reviewer | Permalink | ||||||||||||||||||||||||
|
I needed to get Kerberos authentication working between a web service on one IIS server, a windows service on another server, and SQL server running on a third server and was running into the Windows NT authentication "double hop" problem. I struggled for days reading various web sources trying to make heads or tails of how to do it with no success until I found it here using the "Look Inside" feature here on Amazon. This tells you how to do it, point by point, in surprisingly clear writing.
I immediately bought the book and have been grinding my way through it ever since. It's about security so it's not that fun (who wouldn't rather be learning about Ajax, SilverLight, or anything else that will wow the people at work) but it's surprisingly palatable for developers like me (and most developers I've ever met) who think of security issues as the equivalent of cod liver oil. (Review Data Last Updated: 2008-12-27 05:14:50 EST)
|
|||||||||||||||||||||||||||||
| 03-18-08 | 5 | 1\1 |
| Reviewer | Permalink | ||||||||||||||||||||||||
|
I am an ASP.NET newbie and found this book very helpful in understanding authentication, authorization, role based security, input validation etc. I am a desktop developer and found the web development model difficult to understand initially but this book cleared up my mind in the security related parts. The book is written in a very clear and concise manner and uses diagrams to explain concepts which which I found very helpful. There are practical advices sprinkled all over the book along with the "why" of it.
In short, this is a very well written book which improved my asp.net knowledge and skills considerably. Highly recommended. (Review Data Last Updated: 2008-11-23 04:26:02 EST)
|
|||||||||||||||||||||||||||||
| 09-06-07 | 5 | 2\3 |
| Reviewer | Permalink | ||||||||||||||||||||||||
|
I really wish I could give this book 6 stars, it has been an indespensable resource for learning techniques to develop more secure applications. With so many dangers lurking out there it is increasingly important to not only be able to develop secure applications but to understand the .net security mechanisms as well. This book will leave no questions unanswered, if for no other reason purchase this book for chapter 8 on partial trust, I have not come across any resource that covered this topic so thoroughly. It's treatment of sandboxing and code partitioning alone make the book worth every penny paid. If your looking to continually improve the quality of your code and sites don't leave this book off your list.
(Review Data Last Updated: 2008-03-18 09:45:11 EST)
|
|||||||||||||||||||||||||||||
| 10-05-06 | 5 | 2\12 |
| Reviewer | Permalink | ||||||||||||||||||||||||
|
This is a book by a MS Developer Security MVP for any and all developers writing ASP.NET 2.0 applications. Not only does it cover all the usual suspects and provides practical prescriptive guidance on how to deal with them with examples; it also deals with the tough "hot topics" like partial trust. The book is both complete in breadth and depth and really does provide a single good reference book on ASP.NET security.
I can not recomend it with more guster. Confession I helped write the tools chapter which is why I know (and yes I am a fellow MS Developer Security MVP)! (Review Data Last Updated: 2007-09-06 20:57:40 EST)
|
|||||||||||||||||||||||||||||
| 10-05-06 | 5 | 2\6 |
| Reviewer | Permalink | ||||||||||||||||||||||||
|
This is a book by a MS Developer Security MVP for any and all developers writing ASP.NET 2.0 applications. Not only does it cover all the usual suspects and provides practical prescriptive guidance on how to deal with them with examples; it also deals with the tough "hot topics" like partial trust. The book is both complete in breadth and depth and really does provide a single good reference book on ASP.NET security.
I can not recomend it with more guster. Confession I helped write the tools chapter which is why I know (and yes I am a fellow MS Developer Security MVP)! (Review Data Last Updated: 2007-04-12 11:42:12 EST)
|
|||||||||||||||||||||||||||||
| 10-04-06 | 5 | 2\6 |
| Reviewer | Permalink | ||||||||||||||||||||||||
|
This is a book by a MS Developer Security MVP for any and all developers writing ASP.NET 2.0 applications. Not only does it cover all the usual suspects and provides practical prescriptive guidance on how to deal with them with examples; it also deals with the tough "hot topics" like partial trust. The book is both complete in breadth and depth and really does provide a single good reference book on ASP.NET security.
I can not recomend it with more guster. Confession I helped write the tools chapter which is why I know (and yes I am a fellow MS Developer Security MVP)! (Review Data Last Updated: 2007-04-11 08:49:26 EST)
|
|||||||||||||||||||||||||||||
| Reader Reviews 1 - 6 of 6 | |||||||||||||||||||||||||||||
| All Books | Arts | Biography | Click Here For An A-Z Index Of All 213 Best-Seller Subjects | Business | Children's | Comics | ||||||
| Computers | Cooking | Engineering | Entertainment | Health | History | Home | Horror | Humor | Law | Fiction | Medicine | Mystery |
| Nonfiction | Outdoors | Parenting | Professional | Reference | Religion | Romance | Science | Sci-Fi | Sports | Teens | Travel | |
