Defending local .NET application from viruses
https://stackoverflow.com/questions/4198145
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm sure there is no definitive way to guard against viruses but I was wondering if there are any defensive mechanisms that can be put in place when writing a local desktop application to reinforce defenses against viruses. Specifically, I am writing a small WPF accounting application that connects to a SQL Express database on the local server. Are there any steps when it comes to DB encryption, secure strings, etc. that would help in the eventuality that that local PC was infected with a worm/trojan/virus/blended threat? I am equally concerned with corruption and data theft.
Thanks
Solution
There's not really anything you can do that gives you 100% safety once your machine has been compromised - if you can read the database then a virus (or a user logged in via a backdoor) can eavesdrop on the database login. If you encrypt the database with a key and embed the key into your application a virus in theory could read your binary file and get access to the key.
You can attempt to use security by obscurity to make it unlikely that your data will be stolen should your system be compromised. This will help in some situations but it won't stop a determined and skilled adversary. The most important thing is to make sure the virus / worm / whatever doesn't get onto your system in the first place. Some examples of measures you can take:
- Use good programming practices when writing your application (don't allow SQL injection attacks).
- Run only the services you need.
- Run services with the minimum permissions they need.
- Use a firewall.
- Use intruder detection software so that you know when you have been hacked and quickly take the system offline.
OTHER TIPS
As a "small accounting package" you should be off the radar and therefore away any hackers' attention.
The biggest worry should be your Sql Server. If any part of your system gets targeted (besides the OS iteself) it will be the db server (remember the slammer worm.) To really secure it you could place your Sql Server on a separate subdomain and encrypt the communication to it from your application over SSL.
