Navigation

Home
Ultimate Tool List
Free Graphics Collections
My Reading List

Search

Categories

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

On this page

More on Writing Secure Code
An Introduction to Code Access Security
Microsoft Enterprise Library
Have a Fiddle with this
Digital Black Belt
Introduction to Code Access Security
The .NET Developer's Guide to Windows Security

Archive

April, 2008 (4)
May, 2007 (2)
April, 2007 (4)
March, 2007 (5)
February, 2007 (4)
January, 2007 (1)
December, 2006 (1)
November, 2006 (3)
October, 2006 (4)
August, 2006 (3)
June, 2006 (1)
May, 2006 (1)
April, 2006 (7)
March, 2006 (5)
February, 2006 (6)
January, 2006 (2)
December, 2005 (11)
November, 2005 (14)
October, 2005 (15)
September, 2005 (30)
April, 2005 (15)
March, 2005 (5)
February, 2005 (28)

Blogroll

 Achim Oellers
 Bart DePetrillo
 Clemens Vasters
 Harry Pierson
 Jörg Freiberger
 Omar Shahine
 Scott Hanselman
 Stephen Forte
 Tom Mertens

Disclaimer
The opinions expressed herein are my own personal opinions and do not represent my employer's view in anyway.

RSS 2.0 | Atom 1.0 | CDF

Send mail to the author(s) E-mail

Total Posts: 178
This Year: 0
This Month: 0
This Week: 0
Comments: 551

Sign In

 Thursday, March 17, 2005
More on Writing Secure Code
Wednesday, March 16, 2005 9:04:53 PM UTC (  |  |  )

Some more links to writing secure code

| Trackback | # 
 Tuesday, February 22, 2005
An Introduction to Code Access Security
Monday, February 21, 2005 1:42:49 PM UTC (  |  |  )

Keith Brown has written an introductory article about Code Access Security (CAS).  This is something that all .NET developers should look at (me included).  Check it out here.

Related Resources
LinkArrow.gif An Introduction to Code Access Security

| Trackback | # 
 Monday, February 21, 2005
Microsoft Enterprise Library
Sunday, February 20, 2005 4:25:58 PM UTC (  |  |  )

I've done a little playing around with the Enterprise Library and it's way cool.  Thanks MS!  There are already some great resources out there, so if you haven't played around with Enterprise Library do so IMEMDIATELY!

Here are some resources for you:

| Trackback | # 
Have a Fiddle with this
Sunday, February 20, 2005 2:07:18 PM UTC (  |  |  |  )

Everyone loves a good fiddle, and if you say you don't then you are probably lying.

Okay, enough shinanigans!  Fiddler is a Microsoft PowerToy that slots itself nicely into your HTTP stream as a proxy allowing you to have a look at all that traffic going to and fro.

Fiddler.gif

There is a good MSDN article about configuring and running Fiddler which is well worth a read. Also from the Fiddler site there are some pointers to some good references.  Such as:

So there you go, lots of great stuff about fiddling with yourself.

Related Resources
LinkArrow.gif Fiddler Powertoy
LinkArrow.gif MSDN Article - Fiddler PowerToy Part 1: HTTP Debugging
LinkArrow.gif HTTP Response Codes
LinkArrow.gif Header Field Definitions
LinkArrow.gif HTTP 1.1 Specifications

| Trackback | # 
Digital Black Belt
Sunday, February 20, 2005 1:36:27 PM UTC (  |  |  )

I have just been listening to Joe Stagner's Webcast on Security and quite enjoying it.  At the moment the Digital Blackbelt series of webcasts is still very much in the early days but Joe is a great presenter and the series promises much.  Couple of things to take away from the presentation are:

  • Establish threats early
  • Design Security into the apps (hard to retro-fit)
  • Try and get security as part of the practice
  • Read some good books about security

Related Resources
LinkArrow.gif Microsoft Thread Modeling Tool
LinkArrow.gif Microsoft Security Developer Center
LinkArrow.gif Microsoft Threat Modeling Website
LinkArrow.gif Digital Blackbelt Website

| Trackback | # 
 Friday, February 18, 2005
Introduction to Code Access Security
Thursday, February 17, 2005 7:01:08 PM UTC (  |  |  )

Keith Brown has written a great introductory article about Code Access Security (CAS) in .NET. His conclusion is:

Deploying code over a network is dangerous without a comprehensive security system to verify and constrain that code, and Code Access Security is Microsoft's solution to the problem. It's a flexible, if somewhat complex beast, and as a developer working on smart clients, you should learn all you can about it, as it will play a big role in your life!

I think he's right so you should go read this article now.

Related Resources
LinkArrow.gif An Introduction to Code Access Security

| Trackback | # 
 Wednesday, February 16, 2005
The .NET Developer's Guide to Windows Security
Wednesday, February 16, 2005 11:58:23 AM UTC (  |  |  )
Douglas Macarthur once said "There is no security on this earth. Only opportunity". What a miserable bastard!  He should get himself a copy of The .NET Developer's Guide to Windows Security by Keith Brown. 

Good news is that Keith has made his book available on his Wiki site.  Even better, Ken Brubaker has distilled the wisdom of this book into some nifty best practices.

Whilst we're talking about security, check out some of these links.

 

 KeithGuidebook.gif
| Trackback | #