You could spend morning ’til night protecting your Windows systems, from now until you retire. But if you'd rather leave some time for other things, read Hardening Windows. In less than 200 pages, Jonathan Hassell distills the massive field of Windows security into a set of practical techniques that deliver the greatest value in the least time.
There are 145 separate techniques here, primarily for Windows XP, 2000, NT, the Internet Information Services web server, and Microsoft Exchange (though some also address Windows Server 2003). Most of these techniques require less than a page to explain. Many -- though, of course, not all -- can be implemented very quickly.
Hassell covers a wide swath: system policies, security templates, passwords, user accounts, the Registry, penetration testing, auditing, event logs, forensic analysis, and more. He also presents substantial coverage of some of Microsoft’s increasingly useful tools, notably Software Update Services and Microsoft Baseline Security Analyzer for Windows XP.
Many Windows administrators are still struggling to secure mobile notebooks. Hassell presents a full chapter on Network Access Quarantine Control (NAQC), which enables Windows Server 2003 to limit access to remote users whose notebooks aren’t up-to-date and secure.
The book is realistic about issues like coping with diverse Windows clients. And it’s full of urgent fixes that are easy to miss. (If you’re not careful, Indexing Service might capture angry letters to superiors, love notes to mistresses, secret payroll information -- making them all conveniently searchable.) If it weren’t already useful enough, it even contains quick-reference checklists for everything from policies to auditing. Bill Camarda
Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2003 and Upgrading & Fixing Networks for Dummies, Second Edition.