Help Encrypting Connection String



I am trying to perform the most basic encryption of my connection string in
web.config and I am totally lost. Before someone flames me for not
researching before posting, let me tell you that I have read literally
dozens of explanations and blogs on this and I am more confused than ever.

Every article I have read starts out with stating what a breeze this is to
do, but by the time I get to the 3rd paragraph, either my head is spinning
with encryption technicalities or they assume that I can run aspnet_regiis
on the server. I don't host my web server, like many people, and I find this
assumption obnoxious. To make matters worse, virtually every article I've
read has a different methodology to perform the encryption. I understand
that there are many ways to skin the same cat in .NET, but I'm looking for
simple, if it exists. I never used the 2005 beta, and I'm guessing that many
of these articles are referring to functionality that has subsequently
changed.

I'm not trying to hide anything from the NSA. I simply wish to prevent some
scumbag from trashing my site.
If I have to spend 40 hours becoming an encryption guru before I can do
this, then that's fine. I just wish that someone would be up front about
this and stop stating what a snap it is. If it really is a snap could
someone please provide me a link to some code that is current, accurate, and
unassuming. VB is my language, but I'll certainly settle for some C# code.

Thanks


.



Relevant Pages

  • Re: x509
    ... protect data while it is in transit ... Once the web server receives the data, ... You're confusing X.509 with encryption methods that use X.509 ... It all began with Adam. ...
    (microsoft.public.security)
  • Re: Help Encrypting Connection String
    ... The biggest decision for you here is how you want to store the encryption ... I don't host my web server, like many people, and I find ... > this and stop stating what a snap it is. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Encrypt data sent by browser using public key?
    ... > You'll need to re-encrypt on the Web server. ... SSL encryption terminates on ... > Web server authentication. ... >> IS there a way inside browser encrypt data that will be sent to a web ...
    (microsoft.public.security)
  • Re: Encrypted file system / web server usage.
    ... > Is there any way data can be stored on a web server such that even if ... > someone gained root access they can not read the data? ... Only if the data is sent encrypted to the web browser and decrypted ... server and served in plaintext (even over SSL or other encryption), ...
    (comp.sys.sun.admin)
  • Re: Encrypt data sent by browser using public key?
    ... You'll need to re-encrypt on the Web server. ... Depending on the protocol between the Web server and the app ... farm, you have different authentication and encryption options - and there's ...
    (microsoft.public.security)