Hi I've a dotnet project that has refrences of some COM components written in VC++. I have not been able to assign my dotnet project a strong name because this COM refrence is strongly named. Can someone please tell me that how can I assign strong name to this com component too. Somewhere i...more >>

Hi NG, I have just started doing .NET 2.0 and I am a bit curious about the System.Security.Principal and System.Security.AccessControl namespaces and their interaction. I have a simple task: Given a NTAccount object (and a password), tell me whether that account can execute a file or not. I...more >>

This the error that I get.. " Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection" This is the flow. IE==>ASP.net Web Site (Basic Authentication enabled and impersonation true in web.config) == makes a call to==>Web service on a different machine(N...more >>

I have written a .net app that basically collects a few pieces of information from the computer it was executed on. (Domain,User,MachineName, etc....) I would like to deploy this executable to a location on the network and include it in the logon script. However, when testing i discovered t...more >>

IdentityReferenceCollection irc = windowsIdentity.Groups; foreach (IdentityReference ir in irc) { System.Diagnostics.Debug.WriteLine(ir.Value); Shows only SID (S-1-5-32-545S-1-5-32-545 etc) how do I get the real name? I need to see if a user belongs to certain...more >>

I've seen a lot of traffic on the newsgroup about using StrongNameIdentityPermission with LinkDemand to restrict the direct caller only trusted assemblies, and it seems like this should work. I added the following attributes to a method in a strong named assembly (dll). [StrongNameIden...more >>

Hi all, I have IIS 5.1 and dotnet 2003. I want to provide 100% secutity to IIS. It should not affect by hackers. How can I do this? Are there any articles on this? Please suggest me. I am new to IIS. Thanks in advance. -- Regards, Durga....more >>

Dear all, In my project I have many assembly made from my own wich refer each other. Ideally what I would like to do to cover security is signing all my assembly with strong name. So far so good nothing complicated on that except that one of the assembly that I try to sign as a reference to ...more >>

How Do I go about accessing the Client Certifcate info in .NET for a web service? All I can seem to find for an object containing this info is: HttpClientCertificate cert = Request.ClientCertificate; however, Request is not found...i'm guessing this is for an ASP.NET app vs an ASP.NET Web ...more >>

Dear all, I am sudying the SSL configuration of web site using certificate. On my reading it is mention that if an attacker retrieve the certificate request file and install it on his machine, he can use it to decrypt the traffic between the initial web server and the client. What I have...more >>

Dear all, When you check the authentication method for a web site under IIS configuration, by default it has the Enable Anonymous Acces and Integrated Windows Authentication set. If you have the Integarted Windows Authenticatin set, it means for me that you absolutly need to provide corr...more >>

Dear all, I have seen in samples following assembly atribute : <Assembly: Security.Permissions.FileIOPermission(Security.Permissions.SecurityAction.RequestOptional, Unrestricted:=True)> What does the Unrestricted Flag means ? regards serge...more >>

How can you determine who created a file? Using VB2005, .Net Framework 2.0. ...more >>

Hi gurus, I wrote a small exe file using vs 2005. the exe file is pretty simple. just open a web site using System.Diagnostics.Process.Start("http://website"). The exe file works fine in my machine. But it can not open the website if I run it in another machine. I got an error box say, The a...more >>

Hi, Does anyone have any recommendations for a third parties PGP API for use in ..net? I am specifically looking to encrypt files that get sent to a bank. Thanks Al ...more >>

Hi, I have a server and client program. The client encrypts data being sent to the server using the servers public key before it transmits it to the server over a tcp connection. The question i have though, is where do i store the private key on the server so that it will be safe?! In my mind...more >>

Hi there, I am a newbie to the security framework of .net and to digital signatures, and I need some help regarding signing files in .net. Here's my problem: I have a web application developed in asp.net (with ..net framework 1.1). This web app has a support database and can access files th...more >>

Hi, When I try to use impersonation when remoting I always get an exception even when the server and client are on the same computer... Here are my 2 config lines for the channels (that's about all there is in each config files) Client : <channel ref="tcp" secure="true" tokenImpersonationL...more >>

Hello, I have read several articles about encrypting db connection strings and I do not really understand the fundamental reason behind this. Most articles advocate the use of DPAPI, which takes care of key management tasks. However, if the machine where the software runs is compromised, th...more >>

Hi there, I'm trying to create Windows users in my NT4 domain using ADSI, from a web application (ASPX / VB / framework version 1.1). I am using Web.config to impersonate an admin account : <identity impersonate="true" userName="the-domain\the-admin" password="the-password" /> Th...more >>

I have an application which use has a DLL with 100+ (auto-generated) Managed C++ wrapper around some native API. Compare to a purely version my application has some performance issue and I just realized it is probably due to the security check which happen just before each of the (numerous)...more >>

Hi I'm working on a project that has multiple modules. Most of the modules (windows services, Class libraries) are coded in C#. There are multiple class libraries which use each other's classes too having refrence added in them. To avoid exact code decompilation, I tried using obfuscation o...more >>

Can anyone point in the direction of a good reference, using VB.Net, for working with directory security? My code has located a directory that has inherited access rights form a parent directory. I want to programmatically turn off the inheritance from above, completely remove all existing...more >>

Hello, I am extracting a pkcs7-signature part from a s/mime message. When I verifiy the signature I get a CryptographicException "The hash value is not correct" . I am using CheckSignature(true), therefore it should verify signature only and not worry about the certificates. This message...more >>

Hi, I developed an ActiveX control with C#. This works fine on local machine but not on Internet domain. After evaluating the assembly it turns out that I do not have full trust for this assembly. Trying to increase assembly trust I do get the following error: "Application attempted to per...more >>

I am trying to determine all the groups which the current user has permissions to add a member. Here's my code: foreach (System.DirectoryServices.SearchResult ADSearchres in ADSearch.FindAll()) { //ActiveDs.ADSearchres.Properties["ntSecurityDescriptor"] ADChi...more >>

hi everyone, i do not have much experience about encryption. So sorry if my question is a little silly. i have problems about storing KEYS that are used in encryption. i could not decide where should i store my keys or how should i store them. We have this scenario in our Project: We a...more >>

I'm using asp.net 1,C#.my application has a form authentication but there are some aspx pages that all clients, include unauthenticated clients, should be able to visit them. i can not use html pages because i need connecting to database...more >>

Hi, I am writing a string encrypt/decrypt for Pocket PC device using RSACryptoServiceProvider class(OpenNETCF.Security.Cryptography) and able the encrypt the string but getting the error while decrypting Code snippets as follows string pwdStr = "" test ; //Encrypt public string EncryptS...more >>

Hi, I show the public and private key stored in a pfx file. The public key is the same every time I run the program, but the private key isn't. Can someone explain to me why the private key isn't the same every time I run the program? I show the keyexponent and keymodulus of the public key,...more >>

Dear all, I am a bit confuse with hashing and Digitaly sign data. I have understand that hashing a file with a keyed Hash class, you are protecting hash value to be modified becasue it is regenerated with a secret key exanged between the sender and receiver. The receiver will then trust the ...more >>

Hi, I'm currently having a problem for which I haven't foud a solution. I've got a winform application (C#, .NET 1.1) which should work correctly on Vista (currently Beta 2). I'm trying to do a send key but it does crash when the OS is Vista (It works fine on Windows XP and lower). He...more >>

I have a solution with a Windows Application project and two Class Library Projects. I'd like to have the ability to "protect" my Class Libraries from someone copying them and using them in their project. What would be the procude to ensure that the Class Libraries can only be loaded by my ...more >>

My Application makes lots (i mean lots) of interop calls due to the nature of what it does. (Screen scraping, MSAA, post messages to other windows, etc..). It seems to me that the ability to call unmanaged code is a pretty big thing, it can basically leave the environment vulnerable to anything....more >>

I am hosting a C# UserControl in IE that attempts to automate Microsoft Word. When opening Word I get an Error: System.Security.Permissions.SecurityPermission. How can I give my control permission to open Word? ...more >>

I'm trying to use the ProtectedData class to store encrypted data in isolated storage but something seems to be wrong. If I call the class twice with the same string I get a different encrypted value each time. Here's my encryption method: private static string EncryptString(string Input) {...more >>

I have written a C# 2.0 application which writes to (creates subkeys and data values) in the registry under HLM\SOFTWARE. This application works fine when logged in as admin. But it fails when logged into another (non-admin) account. Of course, this is what I expect. However, I am looking f...more >>

I'm trying to use the command line tool caspol.exe to grant full trust to files that are signed by my company. I've created a very simple console application called "TestApp" and ensured that I signed it with my .SNK file. I'm running the following command in the same directory as the test...more >>

Dear all, I have some simple question relative to Keyed hash algorithm. I have understand from different reading that this type of hashing with secret key ( a common password) is used to avoid malicious person to modified the hash value. This by using following code sample : Dim myhash...more >>

Hi everybody, I am not sure where to put this in this forum. So, I posted this at several topics. I created a class library that has two public methods Encrypt() and Decrypt(). I reference this dll to a window application. I used DESCryptoServiceProvider Algorithm to encrypt and decrypt ...more >>

HI all, How do I go about getting the permmisions of a file. I have been able to get a list of access control rules and tell if they are restricting or permiting a permmision but I cant tell which role / right they are refering to: I can get this type information by using the fileSystem...more >>

Hi all, I have one of those situations where not only do I not know the answer, but I am uncertain what the questions is, lol. I need to create an application that for the following need: My company frequently holds trainings in large conference rooms with 300 or more people. We are struggl...more >>

Hey people, anyone know how to check who deleted files from a network share, The permissions allow all users to delete files within folders, someone has managed to delete various files all over the place within a major project folder. I have managed to restore the project from backups and Win...more >>

Dear all Does anyone have or know a real life nice simple sample that use Asymetric encrpytion ? thnaks for help regards serge...more >>

Hi all, I'm new in encryption and I have a question. I want to encrypt a message using RSA RC4 in one machine with the public and decrypt it in another machine with the private key. I have wrote two pages in classic asp for encrypt/decrypt using CAPICOM API. Now my boss want me to move t...more >>

I've seen several questions posted since October regarding the encryption of connection strings, but none of them seem to address my particular need. I want to deploy a .NET 2.0 Windows Forms application that uses an MS Access 2003 database. The database has been encoded and password protect...more >>

I am trying to create a tool for new user creation so that our Help Desks can create users, home directories, the shares, and add them to groups. It was all good until I got to creating shares on the servers (some are DC's) I can't find ANY WAY to get around the following (in C#): System.M...more >>

Dear all, Suring studying security issue on application and cryptin/Decripting, sample I have found use quite a lot the System.Text.Encoding class. Then a point is mentionned that we shave to be carefull on which encoding method is use for Decrypring and Encryprting. What is the way to ...more >>

I have a vb dot net application that signs some code. I want it to run unattended but when it signs the code and accesses the private key then a Dialog is displayed. The dialog ask if I am sure i want this application to access my private key. Is there a way to identify for the protecte...more >>

Is there some way to protect my .NET code from decompilers, besides obfuscation??? thanks! ...more >>