EASY Vs DIFFICULT

Easy is to get a place is someone's address book.

Difficult is to get a place in someone's heart.

Easy is to judge the mistakes of others

Difficult is to recognize our own mistakes

Easy is to talk without thinking

Difficult is to refrain the tongue

Easy is to hurt someone who loves us.

Difficult is to heal the wound...

Easy is to forgive others

Difficult is to ask for forgiveness

Easy is to set rules.

Difficult is to follow them...

Easy is to dream every night.

Difficult is to fight for a dream...

Easy is to show victory.

Difficult is to assume defeat with dignity...

Easy is to admire a full moon.

Difficult to see the other side...

Easy is to stumble with a stone.

Difficult is to get up...

Easy is to enjoy life every day.

Difficult to give its real value...

Easy is to promise something to someone.

Difficult is to fulfill that promise...

Easy is to say we love.

Difficult is to show it every day...

Easy is to criticize others.

Difficult is to improve oneself...

Easy is to make mistakes.

Difficult is to learn from them...

Easy is to weep for a lost love.

Difficult is to take care of it so not to lose it.

Easy is to think about improving.

Difficult is to stop thinking it and put it into action...

Easy is to think bad of others

Difficult is to give them the benefit of the doubt...

Easy is to receive

Difficult is to give

Easy to read this

Difficult to follow

Easy is keep the friendship with words

Difficult is to keep it with meanings.

Would be old one but just a refreshing

Contents

What ASP.NET Developers Should Always Do
Where the Threats Come From
ViewStateUserKey
Cookies and Authentication
Session Hijacking
EnableViewStateMac
ValidateRequest
Database Perspective
Hidden Fields
E-mails and Spam
Summary
Related Resources

What ASP.NET Developers Should Always Do

If you're reading this article, you probably don't need to be lectured about the growing importance of security in Web applications. You're likely looking for some practical advice on how to implement security in ASP.NET applications. The bad news is that no development platform—including ASP.NET—can guarantee you'll be writing 100-percent secure code once you adopt it—who tells that, just lies. The good news, as far as ASP.NET is concerned, is that ASP.NET, especially version 1.1 and the coming version 2.0, integrates a number of built-in defensive barriers, ready to use.

The application of all these features alone is not sufficient to protect a Web application against all possible and foreseeable attacks. However, combined with other defensive techniques and security strategies, the built-in ASP.NET features form a powerful toolkit to help ensure that applications operate in a secure environment.

Web security is the sum of various factors and the result of a strategy that goes well beyond the boundaries of the individual application to involve database administration, network configuration, and also social engineering and phishing.

The goal of this article is to illustrate what ASP.NET developers should always do in order to keep the security bar reasonably high. That's what security is mostly about—keep the guard up, never feel entirely secure, and make it harder and harder for the bad guys to hack.

Let's see what ASP.NET has to offer to simplify the job.

Where the Threats Come From

In Table 1, I've summarized the most common types of Web attacks and flaws in the application that can make them succeed.

More at ....

Take Advantage of ASP.NET Built-in Features to Fend Off Web Attacks

http://msdn2.microsoft.com/en-us/library/ms972969.aspx