Thursday, March 19, 2009

Protecting Web.Config file

Sensitive information should not be kept as clear text. At times we need to store sensitive information in the web.config file, and we usually store the database connection string there in unencrypted form as well. Some of the vulnerabilities in doing so:

1. A client changes things they shouldn't change in the web.config file.

2. An employee of your ISP can read your sensitive data when your site is hosted in a shared hosting environment.

Since Web.config may contain sensitive data such as connection strings, it is important that the contents of Web.config be kept safe and hidden from unauthorized viewers. By default, any HTTP request to a file with the .config extension is handled by the ASP.NET engine, which returns the “This type of page is not served” message.

But what if an attacker is able to find some other exploit that allows them to view the Web.config file’s contents? What could an attacker do with this information, and what steps can be taken to further protect the sensitive information within Web.config? Fortunately, most sections in Web.config do not contain sensitive information. What harm can an attacker perpetrate if they know the name of the default Theme used by your ASP.NET pages?
Certain Web.config sections, however, contain sensitive information that may include connection strings, user names, passwords, server names, encryption keys, and so forth. This information is typically found in the following Web.config sections:
• appSettings
• connectionStrings
• identity
• sessionState
Refer to the following link to read more in this article by Scott Mitchell:

http://www.asp.net/Learn/data-access/tutorial-73-cs.aspx
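As an added example (not code from the original post or from Scott Mitchell's tutorial), the following C# encrypts the sensitive sections listed above in place using the DPAPI protected-configuration provider built into ASP.NET 2.0 and later. The virtual path "/MyApp" is an assumption; adjust it for your own site.

```csharp
// Added example (not from the original post): encrypting sensitive web.config
// sections with the DPAPI protected-configuration provider that ships with
// ASP.NET 2.0+. Assumes an IIS application at the virtual path "/MyApp".
using System;
using System.Configuration;
using System.Web.Configuration;

public static class WebConfigProtector
{
    // DPAPI provider: the key is bound to the machine (or user) profile.
    const string Provider = "DataProtectionConfigurationProvider";

    // Encrypts the named section in place. After Save(), the clear-text
    // <connectionStrings> element is replaced by <EncryptedData>, but
    // ConfigurationManager.ConnectionStrings still returns the plain values
    // to the running application, so application code needs no change.
    public static void Protect(string appVirtualPath, string sectionName)
    {
        Configuration config = WebConfigurationManager.OpenWebConfiguration(appVirtualPath);
        ConfigurationSection section = config.GetSection(sectionName);
        if (section == null)
            throw new ArgumentException("Section not found: " + sectionName);

        if (!section.SectionInformation.IsProtected)
        {
            section.SectionInformation.ProtectSection(Provider);
            section.SectionInformation.ForceSave = true;
            config.Save(ConfigurationSaveMode.Modified);
        }
    }

    // Reverses the operation, e.g. before moving the site to another machine,
    // because DPAPI keys do not travel with the file.
    public static void Unprotect(string appVirtualPath, string sectionName)
    {
        Configuration config = WebConfigurationManager.OpenWebConfiguration(appVirtualPath);
        ConfigurationSection section = config.GetSection(sectionName);
        if (section != null && section.SectionInformation.IsProtected)
        {
            section.SectionInformation.UnprotectSection();
            section.SectionInformation.ForceSave = true;
            config.Save(ConfigurationSaveMode.Modified);
        }
    }

    public static void Main()
    {
        Protect("/MyApp", "connectionStrings");
        Protect("/MyApp", "appSettings");
    }
}
```

Run this with write access to web.config (for example from an administrative console app), or use the equivalent command-line form `aspnet_regiis -pef connectionStrings <physical path>`. Because the DPAPI provider binds the key to the machine, the encrypted file cannot be read on another server; for web farms use RsaProtectedConfigurationProvider with an exported key container.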
