Home All Groups Group Topic Archive Search About

.NET Security

microsoft.public.dotnet.security
Score Another StrongNameIdentityPermission/LinkDemand question
jacurry - 28 Jul 2006 6:03 PM - 6 messages
I've seen a lot of traffic on the newsgroup about using StrongNameIdentityPermission with LinkDemand to restrict the direct caller only trusted assemblies, and it seems like this should work.  I added the following attributes to a method in a strong named assembly ...
Score IIS 5.1 security
Durga - 28 Jul 2006 11:15 AM - 2 messages
Hi all,         I have IIS 5.1 and dotnet 2003. I want to provide 100% secutity to IIS. It should not affect by hackers.         How can I do this? ...
Score Signing trouble ??
serge calderara - 28 Jul 2006 8:56 AM - 2 messages
Dear all, In my project I have many assembly made from my own wich refer each other. Ideally what I would like to do to cover security is signing all my assembly with strong name. So far so good nothing complicated on that except that one ...
Score Client Certifcate Info in Web Service
DaveR - 27 Jul 2006 7:21 PM - 3 messages
How Do I go about accessing the Client Certifcate info in .NET for a web service? All I can seem to find for an object containing this info is: HttpClientCertificate cert = Request.ClientCertificate; however, Request is not found...i'm guessing this is for an ASP.NET app vs ...
Score SIMple SSL question ??
serge calderara - 27 Jul 2006 5:15 PM - 6 messages
Dear all, I am sudying the SSL configuration of web site using certificate. On my reading it is mention that if an attacker  retrieve the certificate request file and install it on his machine, he can use it to decrypt the ...
Score Authentication method ??
serge calderara - 27 Jul 2006 12:21 PM - 4 messages
Dear all, When you check the authentication method for a web site under IIS configuration, by default it has the Enable Anonymous Acces and Integrated Windows Authentication set. If you have the Integarted Windows Authenticatin set, it means for me that ...
Score Use of Unrestricted flag ???
serge calderara - 27 Jul 2006 8:17 AM - 5 messages
Dear all, I have seen in samples following assembly atribute : <Assembly: Security.Permissions.FileIOPermission(Security.Permissions.SecurityAction.RequestOptional, Unrestricted:=True)> What does the Unrestricted Flag means ? regards serge ...
Score Determine who created a file
TM - 27 Jul 2006 6:33 AM - 2 messages
How can you determine who created a file?  Using VB2005, .Net Framework 2.0. ...
Score how to grant the application the required permission?
sgllc98 - 26 Jul 2006 8:22 PM - 6 messages
Hi gurus, I wrote a small exe file using vs 2005. the exe file is pretty simple. just open a web site using System.Diagnostics.Process.Start("http://website"). The exe file works fine in my machine. But it can not open the website if I run it in ...
Score PGP - recommendations
Al Smith - 26 Jul 2006 2:08 PM - 9 messages
Hi, Does anyone have any recommendations for a third parties PGP API for use in ..net?  I am specifically looking to encrypt files that get sent to a bank. Thanks Al ...
Score Storing a private key
pigeonrandle - 26 Jul 2006 10:16 AM - 5 messages
Hi, I have a server and client program. The client encrypts data being sent to the server using the servers public key before it transmits it to the server over a tcp connection. The question i have though, is where do i store the private key on the ...
Score Digitally sign files from within a web application
Joao Maia - 26 Jul 2006 9:42 AM - 27 messages
Hi there, I am a newbie to the security framework of .net and to digital signatures, and I need some help regarding signing files in .net. Here's my problem: I have a web application developed in asp.net (with ...
Score problem impersonating when remoting
ThunderMusic - 25 Jul 2006 4:00 PM - 7 messages
Hi, When I try to use impersonation when remoting I always get an exception even when the server and client are on the same computer...  Here are my 2 config lines for the channels (that's about all there is in each config files) ...
Score Encrypting connection strings - Threat model - Best practices
letibal - 25 Jul 2006 10:24 AM - 2 messages
Hello, I have read several articles about encrypting db connection strings and I do not really understand the fundamental reason behind this. Most articles advocate the use of DPAPI, which takes care of key management tasks. However, if the machine where the software runs is ...
Score interop & performance
Lloyd Dupont - 25 Jul 2006 9:45 AM - 13 messages
I have an application which use has a DLL with 100+ (auto-generated) Managed C++ wrapper around some native API. Compare to a purely version my application has some performance issue and I just realized it is probably due to the security check which happen just ...
Score Impersonation problem
dodot63 - 25 Jul 2006 9:36 AM - 9 messages
Hi there, I'm trying to create Windows users in my NT4 domain using ADSI, from a web application (ASPX / VB / framework version 1.1). I am using Web.config to impersonate an admin account :         <identity impersonate="true" userName="the-domain\the-admin" ...
Score Problem using obfuscation
Usman Jamil - 25 Jul 2006 7:44 AM - 12 messages
Hi I'm working on a project that has multiple modules. Most of the modules (windows services, Class libraries) are coded in C#. There are multiple class libraries which use each other's classes too having refrence added in them. To avoid exact code decompilation, I tried using obfuscation on all ...
Score Directory Security
Colin Halliday - 25 Jul 2006 2:56 AM - 2 messages
Can anyone point in the direction of a good reference, using VB.Net, for working with directory security? My code has located a directory that has inherited access rights form a parent directory.  I want to programmatically turn off the inheritance from ...
Score Dotnet 2.0 PCKS CheckSignature Error
vijayg - 24 Jul 2006 11:44 PM - 8 messages
Hello, I am extracting a pkcs7-signature part from a s/mime message. When I verifiy the signature I get a CryptographicException "The hash value is not correct" . I am using CheckSignature(true), therefore it should verify signature only and not worry about the certificates. ...
Score What permission do I need to add a user to a group? (C#)
Brian Hampson - 23 Jul 2006 5:59 AM - 10 messages
I am trying to determine all the groups which the current user has permissions to add a member. Here's my code: foreach (System.DirectoryServices.SearchResult ADSearchres in ADSearch.FindAll())             { ...
Next » 2 3 4 5 6 7 8 9 10