I am testing .NET Reactor and when I use .NET Reactor only with Anti ILDASM is this enough to prevent others to look at my source code? I have tried such a protected assembly with Reflector and it cannot open it any more. So is this protection secure enough or are there other possibilities to look at my source?
My "problem" is that my application uses a lot of Reflection (with CSLA.NET) and it seems I cannot use obfuscation.
It depends on what you personally, or by a matter of company standard, define 'secure enough' to be.
Ultimately, no, nothing is safe and never is enough.
We have tested out .Net reactor 4.9 and 5.0 and noted that the 4.9 version can be decompiled very easily but not the 5.0 version. Best is that, you purchase the 5.0 version.
There is one more snag here, as .Net Reactor does not reply to your emails when you email them at support@eziriz.com . This has been going on for the last 3 months. You can try it out and test your self.
All assemblies can be decompiled. Take a look at Should I be worried about obfuscating my .NET code?, How effective is obfuscation?, Protect .NET code from reverse engineering? and so on.
Unfortunately everything can be decompiled, the only thing you can use as a counteraction is to make your code 'harder' to read, but thats about it.
Slightly off topic here but, Im my own opinion, most people who try to code write VERY complicated code which is hard enough to read even when you have the source code available! I think code which you rely upon for intellectual property should be obfuscated of course, but you will probably find not many people would even try to deobfuscate code, and if you are so worried then I think you should be investing in some good solid well paid obfuscation tools.