Windows NT/2000 Network Security
by E. Eugene Schultz
This book is intended primarily for LAN administrators, system programmers, information security staff, and advanced users. Although the main focus of the book will be technical, many facets of Windows NT security involve practicing sound control procedures. As such, much of the book's discussion will be pertinent to all three groups. Windows NT/2000 Network Security will also thoroughly cover security-relevant technical issues such as controlling services protocols like Web-services and SMB. The book will be carefully sequenced to delve into technical issues increasingly with each chapter, so that the last half of the book will be more relevant to LAN administrators and system programmers than anyone else - whereas the first half will be equally pertinent to all groups.
Read an Excerpt
Chapter 1: Introduction and Overview
Not too many years ago, the UNIX operating system had firm control over the hearts and minds of people within the information technology arena. Mail servers were implemented on UNIX platforms, as were FTP servers, DNS servers, firewalls, and almost every other kind of imaginable server in the TCP/IP environment. At the same time, Novell NetWare was the predominant product when it came to local area networks (LANs). A little-known Microsoft product named LAN Manager (a predecessor to Windows NT) was on the market, but it was anything but a bestseller. Microsoft LAN Manager (LanMan) offered mechanisms called "shares" to enable users to remotely access files, directories, and printers.
LanMan was in several respects a big step forward in that it introduced network logons in which users were authenticated to a network of machines. LanMan was a major improvement over typical LAN logons of the time. After LanMan users were authenticated to the network, they could reach different servers without having to reauthenticate. In contrast, most LAN products at that time required users to authenticate to each individual server to access the files stored on each server. LanMan worked fairly well within the context of token-ring networking and could also be deployed in Ethernet environments. The first release of LanMan unfortunately had a bug of such Herculean proportions that if a user entered a particular set of keystrokes, the server not only crashed, but had to be reinstalled. News of this bug circulated widely, causing negative publicity that hurt LanMan's popularity.
Ironically, however, LanMan had reasonably good security potential. Security in LanMan depended on a number of critical settings, many of which were within the LANMAN.INI file. A system administrator could set security-related parameters (for example, ENCRYPT = YES) to provide an encrypted link between LanMan clients and servers to increase security control considerably.
IBM OS/2, another predecessor to Windows NT, was in many ways a better product than LanMan. It offered similar (and, in many ways, better) kinds of functionality but, unfortunately, suffered (among other ailments) from an underwhelming marketing effort. It therefore also did less to capture the hearts and minds of the user community than a technologically superior product of its time should have. Unfortunately, technology too often plays a secondary role to marketing considerations.
Windows NT emerged shortly afterward as the logical successor to the previous LAN products. With the promise of delivering "new technology," its sales statistics were initially less than impressive. UNIX and NetWare still ruled. New releases of Windows NT with new features emerged. Sales improved. Slowly but surely, Windows NT emerged from the proverbial operating system heap as an increasingly dominant product. People who were justifiably concerned with UNIX (and, to a lesser degree, NetWare) security and its limitations quickly shifted their focus to the upstart Windows NT operating system. Used initially more as a desktop platform than anything else, Windows NT made inroads into the server area.
The UNIX revolution is indeed not yet over. Despite the extensive marketing hype afforded Windows NT, the popularity of the UNIX operating system has not really suffered. Meanwhile, Linux, a "near-relative" of UNIX, is growing rapidly in popularity. Many of the variations ("flavors") of UNIX still continue to provide a high degree of functionality and operational reliability seldom realized with many other operating systems. In contrast, however, over the years a very large number of security-related vulnerabilities in UNIX have emerged. Perhaps predictably, vulnerabilities in the various flavors of UNIX continue to surface at a rapid rate. Windows NT is by no means the answer to all of today's information technology needs. But "prime time" in today's information technology environment no longer belongs exclusively to UNIX. Whether or not you like the Windows NT operating system, Windows NT has lodged itself in almost every current operating environment in major countries throughout the world. As in UNIX and Linux, security in Windows NT is a major concern. What are the major issues in the Windows NT security arena? Is Windows NT really the "most secure operating system product that is commercially available," as some marketing hype claims? Is Windows NT as full of security-related vulnerabilities as its detractors claim? These and the many other security-related issues surrounding Windows NT must be resolved if one is to deploy this product in accordance with business and operational needs...