You can save the connection strings in the <connectionStrings> section of the web.config file and then encrypt this section with aspnet_regiis (in the C:\Windows\Microsoft.NET\Framework\v2.0.50727 ):
aspnet_regiis.exe -pef "connectionStrings" C:\yourproject\YourWebSite
aspnet_regiis has many configuration parameters - -pef allows -pef to specify the physical path where your website project is located (and find the web.config file in this path and encrypt the connectionStrings section inside it).
Or you can also store things, such as the server name (and the database name, if it is configurable and can change) separately, in the configuration, and only build your connection string at run time in memory and not even store the entire connection string anywhere. But as soon as you have important information like this stored in the configuration file, you are advised to encrypt it.
Mark