Sysadmins of the North

Technical blog, where topics include: computer, server, web, sysadmin, MySQL, database, virtualization, optimization and security

Tag: ASP.NET (page 1 of 2)

Posts and information related to ASP.NET, .NET Core, ASP.NET Core and the .NET Framework

How to: Determine which .NET Framework versions are installed

Users can install and run multiple versions of the .NET Framework on their computers. When you develop or deploy your app, you might need to know which .NET Framework versions are installed on the user’s computer.

Continue reading

Vulnerabilities in .NET Core, ASP.NET Core Could Allow Elevation of Privilege

Microsoft Security Advisory 4021279: Microsoft is releasing this security advisory to provide information about vulnerabilities in public .NET Core and ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications correctly.

Continue reading

Threads in C#

Just stumbled upon the Threads in C# blogpost on CsharpStar. The post gives a nice introduction into what threads in the .NET Framework are, and how to use .NET Thread Class (System.Threading.Thread namespace) for multi-threading, foreground- and background threads and so on.

Continue reading

.NET Framework 4.6 allows side loading of Windows API Set DLL

Securify reports: A DLL side loading vulnerability was found in the .NET Framework version 4.6 when running on Windows Vista or Windows 7. This issue can be exploited by luring a victim into opening an Office document from the attacker’s share. An attacker can use this issue to execute arbitrary code with the privileges of the target user. This can potentially result in the attacker taking complete control of the affected system. If the WebDAV Mini-Redirector is enabled, it is possible to exploit this issue over the internet. This issue can be exploited even if the Office document is opened in Protected View.

Continue reading

Remove IIS Server version HTTP Response Header

How to remove HTTP response headers in IIS 7, 7.5, 8.0, 8.5, and ASP.NET. Windows Server IIS loves to tell the world that a website runs on IIS, it does so with the Server header in the HTTP response, as shown below. In this post I’ll show you how to remove response server headers in IIS. You don’t want to give hackers too much information about your servers, heh? ;-).

Continue reading

How to: Test MySQL database connectivity in ASP.NET, PHP, ASP

Simple MySQL connection test from your website with ASP.NET, PHP & classic ASP. Whenever you need a MySQL connectivity test from a website or server, it’s handy to have various test scripts nearby. Whether it is because you are setting up a new website or you have just installed a new server and are running your tests.

Continue reading

Add (custom) headers to MailMessage class

How to add custom headers to System.Net.Mail? When sending an email using the MailMessage class (System.Net.Mail namespace) in an ASP.NET website, certain email headers like Message-ID are not always set. When a Message-ID header is missing, email might be blocked by the recipients SMTP server. Therefore it is necessary to set such headers…

Continue reading

Target multiple ASP.NET versions with AppCmd.exe

How to target multiple ASP.NET versions with AppCmd? When administering an IIS web server you frequently have to use AppCmd.exe to make configuration changes. Whether it is for a specific web site or server wide. Some might think AppCmd has its limitations; for example if they don’t know the options to use they might think you can only address the x64 .NET Framework version or only x86, or you can only target the current active .NET Framework version. Fortunately this is not true, you can address both x86 and x64 versions of .NET with AppCmd. Read how…

Continue reading

Various articles (tech and non-tech)

This post provides links to some articles I found last week. The posts might be interesting in various fields of expertise, for either system administrators or developers (DevOps). Topics include: web security, WordPress performance, jQuery, ASP.NET MVC caching, partial trust, view state MAC, and fixing IIS website hangs.

Continue reading

Fix "Could not establish trust relationship for the SSL/TLS secure channel" error

Today one of our clients received a System.Net.WebException error on a newly deployed ASP.NET web application. Part of the exception was: “System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.“. Here is how we resolved that issue.

Continue reading

ASP.NET performance: what to keep in mind

(ASP).NET programmers have to keep certain rules in mind when developing high performance ASP.NET applications, and/or optimizing your existing ASP.NET website. A lot of information is available on this subject. In this post I’ll share some valuable posts, and I continue to update this post when I find something new. Posts about ASP.NET performance I frequently pass on to customers so they can improve their ASP.NET web applications.

Continue reading

Asp.Net Application Security

Finbar Ryan writes in his blog post Asp.Net Application Security: “I was recently helping a colleague with a customer who was running a security check against their IIS Server on Windows Server 2008. The security tool they used highlighted that the server was running Asp.Net and might be vulnerable to cross-site scripting attacks. The Asp.Net engine does validate every request that comes in. We do however recommend that you still ensure your application is not susceptible to the scripting attacks that are out there…

WhatWorks in AppSec: ASP.NET Defend Against Cross-Site Scripting Using The HTML Encode Shortcuts

Defend Against Cross-Site Scripting Using The HTML Encode Shortcuts. The .NET 4.0 & 4.5 frameworks introduced new syntax shortcuts to HTML encode dynamic content being rendered to the browser. These shortcuts provide an easy way to protect against Cross-Site Scripting (XSS) attacks in the newer versions of the .NET framework.

Continue reading

How to send authenticated SMTP + TLS in PHP, ASP and ASP.NET

Authenticated SMTP and TLS script examples for ASP, PHP, ASP.NET (C#/VB.Net): if you want to send secure email from your website, over an TLS-encrypted connection, this post is for you! In this post I’ll provide some code examples that you can use to send secure, and authenticated, SMTP email from your website.

Continue reading

Free eBook: OWASP Top 10 for .NET developers

Free eBook: OWASP Top 10 for .NET developers

Older posts
12 queries, 0.149 seconds running PHP version 7.2.9