0

I am new to web services so I created a web service to replace my current in-app DB transactions. I wanted things to be safer so that is why I went this way.

When using a free packet sniffer, it instantly grabs my web service ASMX call. The problem with this is that using a program such as fiddler they can easily see the data going back and forth and even worse set up a auto responder.

Is there a way to hide the calls being sent to the web service to hide from packet sniffers? Or at least make it more difficult to see the calls?

Landin Martens
  • 3,283
  • 12
  • 43
  • 61

1 Answers1

2

Expose it over a secured channel (such as SSL) only for transport level security.

Alternatively, you may choose to implement WS-Security to validate the identity of the callers, sign the payload or encrypt the payload (partially or fully); or any combination of the above.

Here is an article that talks about this in the context of ASP.NET: http://msdn.microsoft.com/en-us/magazine/cc188947.aspx

yamen
  • 15,390
  • 3
  • 42
  • 52