Archive for August 20th, 2009

Security tips for MSSQL, IIS, ASP.NET (SQL Injections)

August 20, 2009

Here are some security tips for MSSQL (sp xp_cmdshell, OPENROWSET, and OPENDATASOURCE),
IIS (very long urls, over 4096 bytes), applying non-privileged accounts and accounts in general, and so on… 😉

source: FBI and US Secret Service Advisory provides preventive measures against SQL Injection (MSSQL/IIS/.NET)

Technorati Tags: ,