Encrypt your URL query's ! Prevent intruders to manipulate with query string of your URL and don't give them any chance to mess with your data using SQL injection. While there are many more SQL injection stopping techniques this one doesn't require ANY change in your existing code, and completely hides query's content.
All that you have to do is declare PUriQueryCrypt HttpModule in web.config of your web application. There are examples and instructions how to do this in PUriQueryCrypt archive.

If you want to implement your own encryption you can supply custom Encryption class. While this component is written in Delphi for .NET there is example of encryption class (see StrongEncrypt in PUriQueryCrypt.zip archive) that you can plug in with PUriQueryCrypt written in C# (VS.NET project).

more about PUriQueryCrypt...