ASP .NET Archive

ASP.NET Patched Websites Being Attacked

by Maral M
Recently there has been a rise in the number of attacks to websites running with Microsoft’s ASP.NET. The websites that are being mostly attacked belong educational, small business and association entities. Websites that have the patches are more susceptible to the mischievous coding which redirects users to different websites which are under the name James Northone. The coding that is being weaved into the websites is being directed by SQL injection. SQL injection is a coding technique that take advantage of faulty security coding at the database layer. read more...

Choosing ASP.NET MVC

by Omar N.

In the article titled “Which ASP.NET is Better?”, the older ASP.NET Web Form is compared to the newer ASP.NET MVC framework. Although the new framework offers many modern advantages, the author advocates that moving to ASP.NET MVC may not be worth it for web developers because, at the core level, the two are nearly identical. The newer ASP.NET also advertises itself as making it easier to produce cleaner code through its debugging process. This is accomplished by having the ability to isolate certain parts of the code and making it more noticeable where an error may exist. The author argues that the chance of writing bad code is nearly the same between the two, but MVC just makes it easier to diagnose. read more...

Advantages of ASP.NET MVC

by Tuyen H

In the article “Which ASP.NET is Better,” Dino Esposito introduces many advantages of new ASP.NET was created by Microsoft in 2007-2008 called ASP.NET Model View Control (MVC). ASP.NET MVC allows web developers build their web system separate data, business, logic, and presentation layer to the users. Therefore, using this ASP.NET framework, the developers can keep business logic out of the presentation layer. Moreover, the framework has a lot of new features such as total control over HTML and offers cleaner interaction with inline JavaScript. According to the author, “By offering control over HTML and interaction with inline JavaScript, ASP.NET MVC overcomes one of the best selling points of ASP.NET Web Forms when it was introduced a decade ago: Web Forms shielded developers from the nitty-gritty details of HTML.” Furthermore, ASP.NET MVC uses interface based contracts which allow developers easily test on the components by using isolation components. As a result, ASP.NET MVC produces cleaner and more testable code. In this article Dino Esposito also compare between two options of ASP.NET, “the old faithful ASP.NET Web Forms and the young gun, ASP.NET MVC framework.” Finally, the author recommends companies to adapt the ASP.NET MVC as soon as Web Forms is no longer serving. read more...

A hole in ASP.NET

by Chris S
Recently, a few sites have been created under the name “James Northone.” One would rarely navigate to these sites on purpose. Instead, many other sites that are running ASP.NET have been attacked using SQL injection, and made so that some future visitors to these other sites are re-directed to the malicious sites owned by “James.”
This article made me fear for my computer, as it seems sites are being attacked and sites which I should trust are being manipulated to become sites I shouldn’t. As this article came out less than a month ago, and I haven’t seen a significant patch on ASP.NET I believe that the venerability most likely still exists. I hope that I don’t run into this attack myself.
I also believe that this attack speaks about how the biggest companies, like Microsoft, can have the biggest failings in their code. I feel that people need to become much more skeptical on the internet, and trust a whole lot less than they do right now. read more...

So Whats the Bottom Line

by Joeydes M
Summary:

The article talks about the best fit for specific organizations in regards to a development tool. Is Microsofts MVC solution, based on ASP.net and templates, the right tool? the answer is it depends. MVC allows for rapid web form and site develpment so if the organization needs things done quickly and dont particualry care about the look of the site or the functionality this is the way to go. The author states that it isnt that MVC is not modern looking and doesnt provide a good amount of templates that are professional, but they are not very customizable. A lot of it is “out of the box” and WYSIWYG so to speak. Again not that it isnt effective and not to say that it does not get the project done, becuase it does. Now if your organization wants a very customizable web form then they should look at a different development enviornment using things like JavaScript and/or PHP. read more...

ASP.NET MVC

by Jonathan F

http://t1.gstatic.com/images?q=tbn:ANd9GcQgQKnRVdXUJhaodlvPI-avERjxr_hKhUBlcQF-cJIynwBXJp4O

Developers now have a choice when developing a Web page, they can use ASP.NET or use ASP.NET MVC. MVC stands for Model-View-Controller it is a framework that separates an application into three main components. Many companies now are choosing ASP.NET MVC because it lacks any constraints that are imposed by ASP.NET and are using it to revise existing sites. The problem is that there is a greater startup cost for ASP.NET MVC and the benefits of using it might not be large.  ASP.NET MVC was created by Microsoft in 2007- 2008 to demonstrate that it was able to apply MVC to ASP.NET. Its goal was to separate data, business logic, and the presentation to the user. It wanted to reduce the intermingling of the business logic and presentation layer. ASP.NET MVC is more advanced than ASP.NET because it incorporates some of the business and technological advances that have been made after ASP.NET was released. The advantages that ASP.NET MVC has over ASP.NET is that it is lightweight, easy to modify, and highly testable. The first people to adopt ASP.NET MVC were developers that were not happy with the ASP.NET Web Forms because it created a large layer built on top of the Web Forms. ASP.NET MVC lets developers have control of HTML and HTTP. The control of HTML was important because developers could build applications using Ajax more comfortably and it made it easier to add more interactivity and responsiveness to existing apps. ASP.NET MVC adapts easier to the new Web technology developments and ASP.NET MVC uses interface-based contracts that allow isolation which makes testing components easier. It is easier to test code and to write the code cleaner. The author says that although ASP.NET MVC is better than ASP.NET Web Forms it is not really necessary to use ASP.NET MVC over ASP.NET because the core functions of both are the same. The only real reason to use ASP.NET MVC is when Web Forms are no longer useful to the developer. read more...

Mass SQL injection attack affected millions of ASP.net websites

by Boshi W
A recent article on Hacker News informed that a global attack done using SQL injection affected millions of outdated websites without the latest version of adobe PDF, Flash, or Java. Attackers planted malicious JavaScript on ASP.net sites causes the browser to load an iframe with one of the two remote sites: www3.strongdefensiez.in and www2.safetosecurity.rr.nu. From there, the iframe attempts to plant an malware on visitor’s PC Via a number of browser exploits without the visitor’s knowledge or participation. Fortunately, this browser exploit can be patched by browser updates so users with updated browser should not have issues with the exploit. However, it was researched that most of the antivirus softwares today cannot detect the malware and only a few even aware of it. By far, the most affected software is NoScript from firefox which prevents any scripts from running without the user’s permission. read more...

The Paradigm of Service

by James C
Summary:

The IS job market has expanded to include many server-side languages. With the emergence of architectures that are centered on service-orientation, students are now implicitly required to obtain a more well-rounded intelligence of these types of languages. In this paper a pedagogy of courses is outlined to suggest a better approach to arming students with a better understanding of the needs that are required for the evolving job market. It not only reflects on the traditional methods used but also aims to improve them. In its detailed descriptions the paper provides an improved approach to the teaching methods for its proposed course curriculum. The server-side programming languages that are covered in these course are XML, ASP.NET and PHP. read more...

ASP .NET MVC For Education Take Student to The Next Level

by ChihWei H

ASP .NET MVC, a component of Microsoft ASP .NET platform, could be a very powerful tool. It provides separating view of HTML, CSS and Javascript. There are also built-in AJAX functionality and optional jQuery support. In addition, the Razor syntax in ASP .NET MVC 3 provides seamless transition of HTML and C# makeup. All these benefit can be taught at school and let students leans several perspective of web design at the same time. Student can start with static HTML and constructed the style with CSS. MVC 3  projects are pre-populate with CSS for students to manipulate and practice. read more...