Saturday, July 30, 2011

Gmail, Yahoo, Hotmail Attachment Size Limit

Email Attachment Size Limit

Email service has provided us a great advantage over our traditional communication services. But almost all the email service providers have imposed some limitations and restrictions like gmail, yahoo and hotmail as the well known mail server.


We must understand the maximum size of an attachment before sending an email attachment.

Gmail Attachment Size: 20MB
Yahoo Attachment Size: 20MB
Hotmail Attachment Size: 10MB

And even then if you want to send a larger file as required sometime you can use some other alternatives. For example using yousendit.com you can send upto 2GB of file.


Posted by Muhammad at 11:12 PM 0 comments
Labels: , , , , , ,

ASP.Net Restricted File Types

ASP.Net Hidden File Type Restricted File Types

ASP.Net stops you from requesting certain file types and authomatically provides a certain level of security to your configuration and source code files. This is accomplished by registering the file types with IIS and are assigned to HttpForbidderHandler class. This class has the role to simply deny all the requests it receives.

Thus ASP.Net blocks access to Visual Studio project files, Source Code files and some other resources like:

.cs file (C# files)
.vb file (VB.Net files)
.config file (configuration files like web.config file)
.ascx file (ASP.Net user controls)
.vbproj file (VB.Net project file)
.csproj file (C# Project file)
.asax file (Global.asax file containing global.asax events)
.resx file (resource file format consisting of XML entries)
.resources file (specifically designed to create .resources files)



For further details your can refer to web.config.default file in

c:\Windows\Microsoft.NET\Framework\v2.0.50727\Config folder

and find the text

System.Web.HttpForbiddenHandler


Posted by Muhammad at 10:44 PM 0 comments
Labels:

Authentication Authorization

Authentication vs Authorization

Although these terms are used frequently without any difference by most of the users, there is a huge difference between authentication and authorization.

Authentication is the process of finding out a user’s identity and forcing users to prove they are who they claim to be. In this process user is requested to enter his/her credentials typically username and password into login page or window. These credentials are then matched against a list of users in database or a file. If authentication process fails the user is not processed at all, or is served under a different criteria.

Authorization is the process of determining whether that user has sufficient permissions to perform a given action (read, write, modify). Each user has a different level of access to different resources. It's not always true that an authenticated user will have sufficient rights to access a resource. As discussed earlier authentication only aims to see that a particular user is what he/she claims to be. Now it's not always the case that that particular user has sufficient rights to access a resource.

Example: Authentication is like showing your identity to military police on MP gate. They check your details and confirms that you are what you claim to be. Authorization comes next when he decides whether you are allowed to enter or not. You are authenticated but not authorized to enter or in other case authorized to enter the gate.

Luckily ASP.Net provides us a very strong model for handling ASP.Net Security.


Posted by Muhammad at 10:25 PM 0 comments
Labels:
Subscribe to: Comments (Atom)