Preventing Cross Site Scripting (XSS) Attacks

May 18th, 2007

If you are developing real-world ASP.NET applications, then security is something that you should be concerned about. How do you make your site or application tamper-proof but still flexible enough from an end user's point of view?

To make your web application more secure, take a look at the Microsoft Anti-Cross Site Scripting Library.

Also, to learn more about preventing Cross Site Scripting in general, there is a good MSDN Patterns and Practices article available at How To: Prevent Cross-Site Scripting in ASP.NET.

Securing your Wireless Network

March 19th, 2007

I am setting up a Wifi network at home and this post details some of the security measures that I have taken. This is mainly advice that I have gotten from friends or just by googling. I am sure that I won’t mention everything you could do to secure your wifi network but it is at least a start. If you have any other tips then please leave a comment.

Change the default admin username/password
My router (Netopia) came with no login required, so anyone on my home network could easily reconfigure my wireless router. This is an obvious security risk, so you should ensure that credentials are required to change the router’s configuration and also ensure that you change the password to something other than the default.

Turn on Wireless Encryption
Any decent wireless router should come with this already turned on, but you need to check this. My wireless router arrived with WEP enabled. Definitely better than no encryption at all, but most wireless routers these days also support WPA, which is actually more secure, so you should change it to that to prevent someone from hacking your network.

MAC Address Filtering
Each network card is assigned a unique MAC address by the manufacturer. By enabling MAC address filtering you are only allowing computers with the preset MAC addresses access to the network. So in your router’s configuration you will need to add the MAC address of each device that you want to allow to access the network. Remember that if your friend calls around with their laptop then you will need to add their MAC address to the list. Apparently it is relatively easy to spoof a MAC address; a quick google told me how to change my MAC address in a matter of seconds. Still worth doing though.

Static IP Addresses
For each device/computer to work correctly on the network it has to have a valid IP address. My wireless router was preconfigured to use DHCP (this is where the router dynamically assigns IP addresses to each computer that requests one). It is more secure to assign a static IP address to each computer that requires access to the network. You will need to reconfigure your router to use static IP addresses instead of DHCP. Since a hacker is now not automatically assigned an IP address, he/she would have to gain access to the router first to get an IP address.

Enable Firewalls
You should enable the in-built firewall in your wireless router and also ensure that you have a firewall on each device connected to your network. If you are running Windows then you can use either Windows Firewall or ZoneAlarm (free – I use this one).

These are by no means the only things that you can do to secure your network, but they should be a good start. If you have any other ideas then please leave a comment.

