如何评估我的 ASP.NET web 应用程序是否容易被入侵?
[英]How do I assess whether my ASP.NET web application is easy to break into?
问题描述
I have to develop an ASP.NET web application and publish it in Windows Azure so that it runs there under IIS7.
我必须开发一个 ASP.NET web 应用程序并将其发布在 Windows Z3A580F1422036767353 下运行它。 I don't have any serious experience developing such applications.我没有任何开发此类应用程序的严肃经验。 I constantly hear that "site X was broken into because it was doing Y in a very stupid way".我经常听到“站点 X 被入侵是因为它以非常愚蠢的方式做 Y”。 I'm kind of paranoid that I might also be doing Y (and also Z) in a very stupid way and have my application hacked in no time.我有点偏执,我可能也会以一种非常愚蠢的方式做 Y(还有 Z)并且我的应用程序很快就被黑了。
Is there a good guideline of making well protected ASP.NET web sites?是否有一个很好的指南来制作保护良好的 ASP.NET web 站点?
3 个解决方案
解决方案1
3 已采纳 2011-07-18 08:11:47
Take a look at the OWASP site and set of guidelines.看看OWASP网站和一套指南。 They are rather extensive.它们相当广泛。
They have several tools that will detect some types of vulnerabilites.他们有几种工具可以检测某些类型的漏洞。
解决方案2
2 2011-07-18 08:11:01
You may want to start from the recommended Microsoft Asp.net security practices and browse the various subsections from here.您可能希望从推荐的 Microsoft Asp.net 安全实践开始,并从此处浏览各个小节。 I think it's Asp.net 2.0 related but most of the guidelines still apply (what version will you be working on?).我认为它与 Asp.net 2.0 相关,但大多数指南仍然适用(您将使用哪个版本?)。
EDIT : here's the latest version for .net 4.0编辑:这是 .net 4.0 的最新版本
解决方案3
1 2011-07-18 21:45:55
Take a look at the OWASP Top 10 for .NET Developers series.查看.NET 开发人员系列的 OWASP Top 10 。 This will give you a step-by-step guide on how to protect against specific vulnerabilities for apps using the ASP.NET framework.这将为您提供有关如何使用 ASP.NET 框架保护应用程序免受特定漏洞的分步指南。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.