How to secure my DLLs

[Kelly G.]

Hi All

I am developing a web application in .Net technology. Usually, I create a
DLL for all of my modules to protect the logics. And it is possible to
decompile the DLL.
How do I protect DLL created using VISUAL STUDIO.NET 2002. I want to secure
component design. Give me some professional techniques to secure the codes.
Any 3rd party software must not be able to decompile it.


It is an essential part of my programming stuff. Please give solution.

Thanks and Regards

Kelly

 

[Steve C. Orr [MVP, MCSD]]

You can obfuscate your assemblies so they cannot be easily decompiled.
Visual Studio 2003 has a basic built in obfuscator, but for 2002 you'll need
a 3rd party solution.

Here's more information on obfuscators:
http://www.abderaware.com/WhitePapers/Obfuscator.htm
http://www.preemptive.com/dotfuscator/index.html
http://www.devx.com/SummitDays/Article/11351
http://www.lesser-software.com/ilobf.htm

 

[Kelly G.]

Hi Steve

Thanks a lot for the immediate response.
Will get back to you in case of any further clarifications.
Warm Wishes
Kelly

 

[Hermit Dave]

Kelly,

using intermediate code is has a great many advantages and the clr should be
able to read the intermediate code as is.
For that reason if you need to hide your business logic you can use tools
like Dotfuscator www.preemptive.com
using such tools dont make it impossible to decompile... just a bit harder.
In my experience
1. you can fudge the control flow to an extent
2. you can use string encryption
3. you can use renaming (i prefer renaming to unprintable characters)

once you fudge your assembly.
..NET Reflector: http://aisto.com/roeder/dotnet/
MSIL Disassembler:
http://msdn.microsoft.com/library/d.../en-us/cptutorials/html/ildasm_deployment.asp

download them and loaded up your dotfuscatored assembly and see what the
output is like. then you can keep trying various aspects of dotfuscator and
see how they work.

HTH

 

[Kelly G.]

Hi Steve
I am back again!
I got lots of doubts now.

1.) Is that possible to create a one dll includes
controls/library/assemblies?

2.) If yes, you mean I don't need aspx anymore to run over the
web, just if I call dll will load the whole page.

3.) If no, can I have valid reason?



Explanation:

Let say, I want to run a site only with dlls but not with
aspx. It is a single DLL concept. There is any possibility to do so.

Awaiting..

Thanks and Regards

Kelly

 

[Steve C. Orr [MVP, MCSD]]

No you can't easily do this. You'd have to structure your assemblies very
carefully during development.

For now you still need ASPX pages.
It .NET 2.0 this kind of thing gets much more flexible.

--
I hope this helps,
Steve C. Orr, MCSD, MVP
http://Steve.Orr.net
Hire top-notch developers at http://www.able-consulting.com