Securing Windows Server 2003

With the success of computer viruses like Slammer, security issues are now a top priority for Windows system administrators, right alongside day-to-day tasks such as setting up accounts and managing performance. If you use Windows 2003 Server at a small to medium-sized organization, or use Microsoft's Small Business Server, this thorough yet concise tutorial offers the hands-on advice you need for securing your network.

Modern network operating systems include bundled services that range from traditional file and print sharing and Internet services to authentication, directory, and remote access services, each a potential security vulnerability as well as a capability. Securing Windows Server 2003 shows you how to put Windows security tools to work, and how to run the server's subsystems to protect users and resources. But that's just the beginning.

Network security needs to be well thought-out, not treated as a fire drill when a threat occurs. This book focuses primarily on ways to plan and implement a secure operating environment. Microsoft security veteran Mike Danseglio uses real-world examples to show you how various security concepts relate to your own system, including:

  • File System Security
  • Group Policy and security templates
  • Running secure code
  • Authentication
  • IP security
  • Public Key Certificates and Public Key Infrastructure
  • Smart Card technology
  • DHCP and DNS security
  • Internet Information Services security
  • Active Directory security
  • Remote access security
  • Security audits
  • Sending secure email, and more

Many chapters include a debate, in which fictional protagonists discuss the pros and cons of a particular strategy or solution. These debates provide an objective look at competing methodologies, so you can select the solutions that best fit your network. Read this book cover to cover to create and implement a security plan, or use individual chapters as stand-alone lessons. Either way, Securing Windows Server 2003 will guide you safely through the morass of security threats.

Product Details

  • ISBN-13: 9780596006853
  • Publisher: O'Reilly Media, Incorporated
  • Publication date: 11/10/2004
  • Edition number: 1
  • Pages: 448
  • Product dimensions: 7.06 (w) x 9.10 (h) x 1.13 (d)

Meet the Author

Mike Danseglio is a Program Manager in the Security Solutions group at Microsoft Corporation. He has worked in the areas of security and technology for the last decade. He holds several technical certifications including MCSE and CISSP. His work includes developing and teaching extensive security training on topics including cryptography, security technology, and attacks and countermeasures. His recent projects include writing security documentation for Windows XP and the Windows Server 2003 family as well as working on a host of white papers and articles. He also works on security feature development for Microsoft Windows.


Table of Contents

What’s in This Book?;
About This Book;
Assumptions This Book Makes;
Conventions Used in This Book;
Comments and Questions;
Chapter 1: Introduction to Windows Server 2003 Security;
1.1 What Is Security?;
1.2 What Is Windows Server 2003?;
1.3 Security Design in Windows Server 2003;
1.4 Security Features in the Windows Server 2003 Family;
1.5 Summary;
Chapter 2: Basics of Computer Security;
2.1 Why Computer Security Is Important;
2.2 Security Enforcement Mechanisms;
2.3 POLA: The Principle of Least Access;
2.4 Key-Based Cryptography;
2.5 Authorization and Authentication;
2.6 Password Basics;
2.7 Network Security;
2.8 Keeping Your Eyes Open;
2.9 Summary;
Chapter 3: Physical Security;
3.1 Identifying Physical Security Vulnerabilities;
3.2 Protecting Physical Assets;
3.3 Holistic Security: Best Practices;
3.4 Summary;
Chapter 4: File System Security;
4.1 Protecting Files with NTFS File Permissions;
4.2 Protecting Data with the Encrypting File System;
4.3 Protecting System Information with Syskey;
4.4 Summary;
Chapter 5: Group Policy and Security Templates;
5.1 What Is Group Policy?;
5.2 How Group Policy Works;
5.3 How Do Security Templates Work?;
5.4 Using Group Policy to Enforce Security;
5.5 Using Security Templates to Deploy Secure Configurations;
5.6 Summary;
Chapter 6: Running Secure Code;
6.1 Identifying Secure Code;
6.2 Driver Signing;
6.3 Software Restriction Policies;
6.4 Summary;
Chapter 7: Authentication;
7.1 LAN Manager and NTLM;
7.2 Kerberos;
7.3 Summary;
Chapter 8: IP Security;
8.1 What Is IP Security?;
8.2 How Does IPSec Work?;
8.3 Microsoft’s Implementation of IPSec in Windows Server 2003;
8.4 Using IPSec Correctly;
8.5 Summary;
Chapter 9: Certificates and Public Key Infrastructure;
9.1 What Are Certificates?;
9.2 What Do I Do with Certificates?;
9.3 What Is a Certification Authority?;
9.4 Deciding Between Public and Private Certification Authorities;
9.5 Implementing a Public PKI;
9.6 Planning Your Private Certification Hierarchy;
9.7 Implementing a Private Certification Hierarchy;
9.8 Maintaining Your Hierarchy;
9.9 Summary;
Chapter 10: Smart Card Technology;
10.1 What Are Smart Cards?;
10.2 Using Smart Cards;
10.3 Summary;
Chapter 11: DHCP and DNS Security;
11.1 DHCP;
11.2 DNS;
11.3 DNS and DHCP Together;
11.4 Summary;
Chapter 12: Internet Information Services Security;
12.1 What Is IIS?;
12.2 How Does IIS Work?;
12.3 Using IIS Securely;
12.4 Summary;
Chapter 13: Active Directory Security;
13.1 What Is Active Directory?;
13.2 Structural Components of Active Directory;
13.3 Domain Controllers;
13.4 Default Security Through GPOs;
13.5 Providing Security for Domains;
13.6 Providing Security for Forests;
13.7 Providing Security for Active Directory Objects;
13.8 Providing Security for Domain Controllers;
13.9 Summary;
Chapter 14: Remote Access Security;
14.1 What Is Remote Access?;
14.2 Controlling Access;
14.3 Authentication and Encryption Protocols;
14.4 Virtual Private Networks;
14.5 Example Implementations for Remote Access;
14.6 Summary;
Chapter 15: Auditing and Ongoing Security;
15.1 Security Policies and Procedures;
15.2 Auditing;
15.3 Operating System Updates;
15.4 Summary;
Sending Secure Email;
What Is Secure Email?;
How Does Secure Email Work?;
Considerations for Secure Email;
Secure Email Implementation;


Customer Reviews

Average Rating 4.5 (2)

  • Anonymous

    Posted November 16, 2005


    Are you savvy about security in the Windows Server 2003 operating system? If not, this book is for you! Author Mike Danseglio has done an outstanding job of writing a great book that shows you how to put security to work on behalf of your organization and your users. Danseglio begins by setting the stage for the rest of the book by providing an introduction to Windows Server 2003. Next, the author covers basic computer security concepts, including cryptography and fundamental practices for security administrators. Then, he covers various aspects of physical security, which is essential for any data security to succeed. The author continues by dealing with securing files with Encrypting File System and other file-oriented technologies. In addition, the author next focuses on using Group Policy as a security tool and utilizing Security Templates. He also discusses ways you can protect against running bad applications. Next, the author covers the various authentication protocols supported by Windows Server 2003, including Kerberos. Then, he examines IP Security and its proper deployment to secure network communication. The author continues by conducting an exhaustive examination of PKI and certificate-based cryptography. In addition, the author covers smart card technologies and their proper deployment. He also focuses on the grotesque lack of security in DHCP and DNS technologies and how you can try to shore them up. Next, the author covers Internet Information Services security, or the lack thereof. Then, he examines Active Directory design and operation from a security standpoint, including proper planning and deployment as well as securing data between domain controllers. The author continues by covering the security features of Remote Access, including dial-up and VPN connectivity. Finally, he covers additional topics such as administrative security, patch management, and auditing.

    With the preceding in mind, the author has also done an excellent job of writing a book that covers Windows Server 2003 and some amount of Windows XP security. But, in order to understand Windows-based security, the author has also made sure that non-Windows security topics like physical security, security policy and risk management were covered.

  • Anonymous

    Posted November 22, 2004


    With the increasing problems of attacks against computers, sysadmins who run Microsoft's Windows Server 2003 need to keep their guard up. The strong market share of servers using this operating system makes them attractive targets. So Danseglio offers timely and prudent actions you can easily understand and implement. The book goes into various aspects for you to check. Like safely implementing a public key infrastructure, and receiving and issuing certificates. Plus it talks about the perils of a system thread running insecure code. He recommends that you only run third-party code that is signed by a reputable authority. Specifically, you should take every precaution if you get a new device driver. On this OS, and indeed on any OS, device drivers have an intimate and low-level relationship with it and with the hardware. A rogue device driver might be able to cause physical damage. So beware!
