security question

Results 1 to 2 of 2

Thread: security question

  1. #1
    Join Date
    Dec 1969

    Default security question

    I am in the process of doing a security audit on a client. On a page when you view source you can see connection data.Example: <BR>Set dbConnect = Server.CreateObject("ADODB.Connection") <BR>Call dbConnect.Open("hits", "", "") <BR><BR>I know how to secure this (password,have connection data in .asp file..). <BR>But is it possible to hack their Access database with this information. If yes then I have earned some pocket money! <BR>A friend believes it is not possible. he says the dsn "hits" is only accessible from the clients web space. <BR>Is this true or can it still be hacked? <BR><BR><BR>

  2. #2
    Join Date
    Dec 1969

    Default The DSN hides..

    ... most of the information about the database from the outside world.<BR><BR>If a hacker can see your ASP source, your network has probably already been hacked.<BR><BR>-Doug

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts