Security tips for MSSQL, IIS, ASP.NET (SQL Injections)

Here are some security tips for MSSQL (sp xp_cmdshell, OPENROWSET, and OPENDATASOURCE),
IIS (very long urls, over 4096 bytes), applying non-privileged accounts and accounts in general, and so on… 😉

source: FBI and US Secret Service Advisory provides preventive measures against SQL Injection (MSSQL/IIS/.NET)

Technorati Tags: SQL Injections, Security

Advertisements