SQL Injection in .NET

Question

Hi I was wondering if anyone knew of some good websites detailing prevention for SQL injection for .NET web applications. Any resources would be greatly appricated, thank you.

Answer 1

The MSDN Magazine article Stop SQL Injection Attacks Before They Stop You seems to be fairly complete.

While containing less detailed information about your specific question, SDL Embraces The Web is a good source of other things you should be thinking about in addition to preventing SQL injection attacks.

The usual disclaimers apply, I don't necessarily agree with all of the information presented in those articles, but the information presented will hopefully get you thinking about ways SQL injection (and other) attacks can be mitigated on a public website.