Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    Regular Coder Baleric's Avatar
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    332
    Thanks
    0
    Thanked 0 Times in 0 Posts

    encrypting a connection string in classic ASP

    hello,

    I would like to 1 way encrypt my query string for a 2005 sql database,
    everything i find is only used for .net

    can someone please guide me in the right direction?


    Thanks in advance

    Baleric

  • #2
    Senior Coder Spudhead's Avatar
    Join Date
    Jun 2002
    Location
    London, UK
    Posts
    1,856
    Thanks
    8
    Thanked 110 Times in 109 Posts
    Have a look on 4guysfromrolla, there's an article on there that does a version of (I think) rc4 encryption. Mind, I had all sorts of trouble making it work and eventually gave up and did my crypting in PHP.

  • #3
    Regular Coder Baleric's Avatar
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    332
    Thanks
    0
    Thanked 0 Times in 0 Posts
    i cant get the thing working... it encrypts and send it into the DB, but i want the string encrypted inside the asp file, so if someone gets to it, they cant see the connection string and passwords to my DB

  • #4
    Senior Coder Spudhead's Avatar
    Join Date
    Jun 2002
    Location
    London, UK
    Posts
    1,856
    Thanks
    8
    Thanked 110 Times in 109 Posts
    I don't think you can encrypt part of a file. So:

    You could keep your connection string in a separate file, and decrypt it each time. That might have a significant performance impact, though.

    You could take your connection string out of text files altogether and use a DSN connection. I don't know how possible that is for you or how it would impact your application.

    Or, you could take the view that I'd subscribe to and consider that if someone's got access your your unparsed ASP files, then your server's been pretty comprehensively, err, pwned... and shutting the stable door on your database is gonna be the least of your worries


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •