Summary

Previous page
Table of content
Next page

This chapter showed the top threats to data access code and highlighted the common vulnerabilities. SQL injection is one of the main threats to be aware of. Unless you use the correct countermeasures discussed in this chapter, an attacker could exploit your data access code to run arbitrary commands in the database. Conventional security measures such as firewalls and SSL provide no defense to SQL injection attacks. You should thoroughly validate your input and use parameterized stored procedures as a minimum defense.



Previous page
Table of content
Next page
Improving Web Application Security. Threats and Countermeasures
Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
EAN: 2147483647
Year: 2003
Pages: 613
Authors: Microsoft Corporation
BUY ON AMAZON
ADO.NET 3.5 Cookbook (Cookbooks (OReilly))
The CISSP and CAP Prep Guide: Platinum Edition
Adobe After Effects 7.0 Studio Techniques
Microsoft Windows Server 2003(c) TCP/IP Protocols and Services (c) Technical Reference
AutoCAD 2005 and AutoCAD LT 2005. No Experience Required
HTI+ Home Technology Integrator & CEDIA Installer I All-In-One Exam Guide
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy