Hardening Windows

System administrators know the Internet is a hostile environment. They can't tell when a hacker will attempt to gain access to the SQL server, but they can bet that there will be an attempt soon. Because the operating system is vital to a computer's functioning, and because it's the only layer between the machine's available resources and its users, it's critical that the operating system resist compromise.



Hardening Windows is an intermediate-to-advanced guide to implementing preventative security measures for the Windows operating system, and it's the only book that covers NT, 2000, XP, and 2003. This book is designed to provide a quick and easy checklist-style reference to the steps system administrators need to take to anticipate attacks and compromises, and to harden Windows NT, 2000, XP, and Server 2003 against them.



1102794439
Hardening Windows

System administrators know the Internet is a hostile environment. They can't tell when a hacker will attempt to gain access to the SQL server, but they can bet that there will be an attempt soon. Because the operating system is vital to a computer's functioning, and because it's the only layer between the machine's available resources and its users, it's critical that the operating system resist compromise.



Hardening Windows is an intermediate-to-advanced guide to implementing preventative security measures for the Windows operating system, and it's the only book that covers NT, 2000, XP, and 2003. This book is designed to provide a quick and easy checklist-style reference to the steps system administrators need to take to anticipate attacks and compromises, and to harden Windows NT, 2000, XP, and Server 2003 against them.



29.99 In Stock
Hardening Windows

Hardening Windows

by Jonathan Hassell
Hardening Windows
Add to Wishlist
Hardening Windows

Hardening Windows

by Jonathan Hassell

Overview

System administrators know the Internet is a hostile environment. They can't tell when a hacker will attempt to gain access to the SQL server, but they can bet that there will be an attempt soon. Because the operating system is vital to a computer's functioning, and because it's the only layer between the machine's available resources and its users, it's critical that the operating system resist compromise.



Hardening Windows is an intermediate-to-advanced guide to implementing preventative security measures for the Windows operating system, and it's the only book that covers NT, 2000, XP, and 2003. This book is designed to provide a quick and easy checklist-style reference to the steps system administrators need to take to anticipate attacks and compromises, and to harden Windows NT, 2000, XP, and Server 2003 against them.



Product Details

ISBN-13: 9781430206811
Publisher: Apress
Publication date: 01/01/2008
Sold by: Barnes & Noble
Format: eBook
Pages: 200
File size: 4 MB

About the Author

Jonathan Hassell is an author, consultant, and speaker on a variety of IT topics. His published works include RADIUS, Hardening Windows, Using Microsoft Windows Small Business Server 2003, and Learning Windows Server 2003. His work appears regularly in such periodicals as Windows IT Pro, PC Pro, and TechNet Magazine. Jonathan also speaks worldwide on topics ranging from networking and security to Windows administration. He is currently an editor for Apress, which specializes in books for programmers and IT professionals.

Table of Contents

About the Authorix
About the Technical Reviewerx
Acknowledgmentsxi
Introductionxiii
Chapter 1Hardening: Theory and General Practice1
What Is Security?2
The Security Dilemma3
Enemies of Security4
Some General Hardening Suggestions4
Software Considerations5
Hardware and Network Considerations6
Checkpoints8
Chapter 2Windows NT Security11
Windows NT System Policy Editor11
Customizing and Applying Group Policies12
Resolving Conflicts Between Multiple Policies13
Recommended User Policy Settings13
Passwords18
Password Policies18
Password Cracking19
Protecting User Accounts20
Registry Procedures21
Protecting the File System21
Locking Down Local Directories22
Search Paths23
Guarding Against Internet Threats23
Windows NT Port Filtering24
Protecting Against Viruses24
Assigning Rights to Users25
Granting and Revoking User Rights26
Checkpoints30
Chapter 3Windows 2000 Security33
System Updates33
The "Slipstreaming" Process34
Critical Updates and Security Hotfixes35
Managing Critical Updates Across Multiple Computers35
Security Templates37
Creating a Custom Security Template38
Recommended Security Policy Settings40
User Accounts40
Local Options42
Other Security Considerations45
Windows Component Selection and Installation45
Tightening Running Services45
Checkpoints46
Chapter 4Windows XP Security49
Implementing a Firewall49
Changes to Services51
Microsoft Baseline Security Analyzer Patch Check and Security Tests64
Installing Microsoft Baseline Security Analyzer64
Penetration Tests65
File System Security65
Disable Automated Logins66
Hardening Default Accounts66
Using Forensic Analysis Techniques68
Checkpoints69
Chapter 5Defining Enterprise Security Policies with Windows 2000 and Later71
System Policies, Group Policies, and Interaction72
Mixing Policies and Operating Systems73
Security and the Group Policy Framework77
Organized Layout of Policies78
Policy Application Precedence79
Creating Security Configuration Files80
Default Domain Policy82
Default Domain Controller Security Policies82
Troubleshooting Group Policy83
Checkpoints84
Chapter 6Patch Management87
About Software Update Services87
Comparing Software Update Services to Systems Management Server88
Using Software Update Services: On the Server Side90
Using SUS: On the Client Side99
Checkpoints102
Chapter 7Network Access quarantine Control105
How Network Access Quarantine Works106
A Step-by-Step Overview of Network Access Quarantine Control106
Deploying NAQC108
Creating Quarantined Resources108
Writing the Baseline Script109
Installing the Listening Components112
Creating a Quarantined Connection Profile113
Distributing the Profile to Remote Users116
Configuring the Quarantine Policy116
Checkpoints122
Chapter 8Internet Information Services Security123
Completely Disable IIS123
Checking for Updates on Machines124
Keeping IIS Updated126
Securing Files, Folders, and Scripts127
The Microsoft Indexing Service129
TCP/IP Port Evaluation131
Administrative and Default Pages133
The Ins and Outs of Internet Services Application Programming Interface134
Looking at Apache as an Alternative134
Checkpoints135
Chapter 9Exchange 2000 Server Security137
Installation Security137
Security Policy Modifications138
For Exchange Server Machines139
For Domain Controller Machines139
Service Security140
Patch Management141
Protecting Against Address Spoofing142
Protecting Against Denial-of-Service Attacks144
Restricting SMTP Access146
Controlling Access148
Checkpoints149
Chapter 10Security Auditing and Event Logs151
For Windows 2000, XP, and Server 2003151
Recommended Items to Audit153
Event Logs153
For Windows NT 4.0155
Recommended Items to Audit156
The Event Log157
Filtering Events157
What Might Be Missing158
Checkpoints158
AppendixQuick-Reference Checklists161
Index173
From the B&N Reads Blog
Page 1 of

Related Subjects

Computers
Computers - General & Miscellaneous
Networking & Telecommunications
Operating Systems
Internet & World Wide Web
Windows
Web Programming/Development
Computer Security
Operating Systems - Computer Networks
Security - Computer Networks
Windows 2000
Windows NT
Microsoft .NET
Windows XP
Windows 2000->Security
Windows NT->System administration
Windows Server 2003
Computers
Computers - General & Miscellaneous
Networking & Telecommunications
Operating Systems
Internet & World Wide Web
Windows
Web Programming/Development
Computer Security
Operating Systems - Computer Networks
Security - Computer Networks
Windows 2000
Windows NT

Customer Reviews