Ask Slashdot: Writing Hardened Web Applications? 333
rhartness writes "I am a long time Software Engineer, however, almost all of my work has been developing server-side, intranet applications or applications for the Windows desktop environment. With that said, I have recently come up with an idea for a new website which would require extremely high levels of security (i.e. I need to be sure that my servers are as 100% rock-solid, unhackable as possible.) I am an experienced developer, and I have a general understanding of web security; however, I am clueless of what is requires to create a web server that is as secure as, say, a banking account management system. Can the Slashdot community recommend good websites, books, or any other resources that thoroughly discuss the topic of setting up a small web server or network for hosting a site that is as absolutely secure as possible?"
internet explorer (Score:5, Funny)
For some reason, every bank we deal with (for large business types) is internet explorer only. I guess you'll have to start there.
EULA baby! (Score:5, Funny)
Get IIS 4 (Score:5, Funny)
And use VBScript with activeX controls mixed with sql server 6.0 and make sure the clients all have to use IE 6.
Throw a little ASP, not asp.net or anything bloated that checks the sql agaisnt injections and you will have one rock solid platform that nothing will get hacked or get intercepted.Just ask any MCSE to secure it and you are good to go
Re:If you don't know, you can't do it (Score:3, Funny)
Re:If you don't know, you can't do it (Score:5, Funny)