Premium Members Get 10% Off and Earn Rewards Find Out More

Maximum Windows 2000 Security

Add to Wishlist

Maximum Windows 2000 Security

Paperback

$54.99

Paperback
$54.99

SHIP THIS ITEM

Qualifies for Free Shipping
PICK UP IN STORE
Check Availability at Nearby Stores

Available within 2 business hours

Want it Today?
Check Store Availability

Related collections and offers

Overview

Maximum Windows 2000 Security is a comprehensive, solutions-oriented guide to Windows 2000 security. Reveals the holes and weaknesses that compromise Windows 2000 security and how to fix them. Teaches practical, pre-emptive countermeasures against tricks and techniques employed by hackers. Same anonymous hacker who wrote the best-selling books Maximum Security and Maximum Linux Security.

Product Details

ISBN-13:	9780672319655
Publisher:	Pearson Education
Publication date:	12/15/2001
Series:	Maximum Security
Pages:	624
Product dimensions:	7.30(w) x 9.10(h) x 1.40(d)

About the Author

Anonymous is a reformed hacker and programmer and is currently at work building one of the world's largest computer security archives. While running an Internet security consulting company, he also moonlights doing contract programming for several Fortune 500 firms.

Maximum Security, Third Edition, 0-672-31871-7, $49.99, Sams, May 2001
Maximum Linux Security, Second Edition, 0-672-32134-3, $49.99, Sams, June 2001

Mark Burnett is a consultant specializing in IIS and Windows 2000 security. He is the original founder of Xato Network Security, and is currently managing editor of the IIS Security Insider newsletter.

L.J. Locher is a network administrator, programmer, security consultant who has written articles for Windows 2000 Magazine and contributed to several books for Microsoft Press and others.

Chris Doyle is CEO/managing consultant for Coneth Solutions, a leading IT consulting firm in northern California.

Chris Amaris is the chief technology office and cofounder of Convergent Computing, a Bay Area consulting firm specializing in security, performance tuning, network/systems management, infrastructure migration, and messaging.

Rand Morimoto is a well-known author, consultant, and speaker on subjects ranging from electronic commerce to electronic messaging to Internet security.

Introduction.

I. INTRODUCTION TO WINDOWS 2000 SERVER SECURITY.

1. Hacking Windows 2000 Servers.

What Makes Windows 2000 Vulnerable. Knowing the Tools. Summary.

2. Windows 2000 Server Security Features.

Windows 2000 Security Features. Enhanced Access Control. Enhanced Network Control. IPSec and VPNs. Kerberos. Advanced Authentication Support. File System Encryption. Logging. Summary.

3. The Hacker Toolkit.

Types of Tools. The Hacker's Toolkit. Tools for Your Tools. Building Tools. The Basic Tools. Summary.

II. WINDOWS 2000 SERVER SECURITY BASICS.

4. Hacking Windows 2000: Getting Started.

Finding Networks. Finding Windows 2000 Servers. Finding Open Services. Evading Detection. Summary.

5. Installing Windows 2000: The First Step Toward Security.

Pre-Installation Considerations. The Installation Process. Summary.

6. Password Security.

Inside Windows 2000 Passwords. What Are Hashes? Cracking Windows 2000 Passwords. Finding Password Hashes. Cracking Password Hashes. Protecting Passwords through Security Policy. Protecting Passwords through User Education. Password Synchronization with Existing Unix Systems. Miscellaneous Password Issues. Maximum Password Security. Summary on Password Security.

7. Windows 2000 Services.

Understanding How Services Work. Windows 2000 Services. Summary.

III. WINDOWS 2000 NETWORKING.

8. Windows 2000 Network Security Architecture.

Active Directory. Internet Protocol Security (IPSec). Public Key Infrastructure (PKI). Understanding Workgroups. Understanding Windows 2000 Domains. Interoperability and Heterogeneous Network Features. Further Reading on Windows 2000 Network Security and on Windows 2000 Interoperability. Summary.

9. Network Protocols, Clients, and Services.

Open Systems Interconnection (OSI) Reference Model. TCP/IP. Windows 2000 Clients, Protocols, and Services. Name Resolution Services. Summary.

10. Trojans and Backdoors.

Understanding Malicious Code Attacks. Recent Malicious Code Attacks. Protecting Windows 2000 Networks against Malicious Code Attacks. Additional Resources for Preventing Malicious Code Attacks. Summary.

11. Active Directory.

Active Directory Namespace. Active Directory Objects. Distributed Security. File and Folder Permissions. Summary.

12. Security Policy and Configuration.

Security Configuration Tool Set. What Is the Microsoft Management Console (MMC)? Security Areas. Security Configuration Tool Set Components. Security Templates. Security Configuration and Analysis Tool. Security Settings Extension for the Group Policy Snap-In. secedit.exe Command-Line Tool. Summary.

13. Exploiting Web Services.

Background of Web Services. Finding Vulnerable Pathways to Accessible Web Servers. Acquiring Administrative Access to a Web Server. Physically Accessing an IIS Server. Defacing (Tagging) a Server. Causing Server Congestion. Summary.

14. Protecting Web Services.

How Secure Can You Make Your Web Services. Step 1: Security Updates for IIS. Step 2: Who Needs Access to Your Web Server? Step 3: From Whom Are You Trying to Protect Your Server? Step 4: What Are You Trying to Protect. Step 5: Where Are Your Vulnerabilities. Step 6: How to Test for Vulnerability. Step 7: Monitoring and Logging Server Activities. Summary.

15. Protecting Other Internet Services.

Overview and Goals. General Planning for Secure Systems. Hardening the Windows 2000 Operating System. Securing FTP Services. Securing SMTP Services. Protecting Windows 2000 DNS Servers. Summary.

16. TCP Filtering and Firewalls.

What Is a Firewall? Types of Firewalls. IP Filtering. Firewalls for Windows 2000 Enterprises. Personal Firewalls. Further Reading on Firewalls. Summary.

17. Denial of Service.

Overview and Goals. Understanding Denial of Service Attacks. DOS Attacks and Prevention. Infamous Denial of Service Attacks. Protecting Windows 2000 Networks against Denial of Service Attacks. Summary.

18. Spoofing.

General IP Spoofing Attack Concepts. TCP SYN Flooding and IP Spoofing Attacks. Other Types of Spoofing Attacks. ARP Spoofing. DNS Spoofing. Web Spoofing. Lower the Vulnerability of Your Web Site. Registry Settings to Help Protect Your Network. Further Reading on Spoofing. Summary.

IV. PRIVACY AND ENCRYPTION IN A WINDOWS 2000 ENVIRONMENT.

19. Privacy and Encryption in a Windows 2000 Environment.

Basic Privacy Protection Concepts. Cryptography Primer. Components of Cryptography. Introduction to Public Key Infrastructure (PKI). Risk Factors to Consider for Windows 2000 Cryptography Features. Further Reading on PKI and Cryptography. Summary.

20. IPSec.

Peeping Tom or Protocol Snooping. Privacy, Please! How Did We Do That? The Technical Details. IPSec Tools. Request for Comments. Summary.

21. Virtual Private Networking.

Why Not Call In? Setting Up the VPN. Technical Details. Request for Comments. Summary.

V. MAINTAINING WINDOWS 2000 SERVER SECURITY.

22. Log Monitoring and Analysis.

What Is Logging, Exactly? Default Logging Support in Windows 2000. FTP Server Logs. IIS Web Server Logs. The Performance Logs and Alerts Tool. Summary.

23. Intrusion Detection.

Types of Intrusion Detection Systems. Detection Methods Used by Intrusion Detection Systems. Common Threats to Networks and Systems. Intrusion Detection Tools. Methods of Evading an Intrusion Detection System. Methods of Defeating an Intrusion Detection System. How to Select an Intrusion Detection System. Further Reading on Intrusion Detection. Honeypots. Summary.

24. Backups and Disaster Recovery.

Planning a Backup Strategy. Backup and Restore Permissions. Choosing Your Backup Tools. Microsoft Windows Backup. Backing Up Your Data. mtfcheck: Verifying Backup Tapes from Scripts. regback: Registry Backup. regrest: Restoring Registry regback Backups. More Backup Strategies. Summary.

Index.

From the B&N Reads Blog

Page 1 of

Editorial Reviews

The Barnes & Noble Review
Windows security is never far from the headlines. Nor is it far from the minds of network and system administrators. If you're one of them, you'll sleep better at night if you read this systematic guide to hardening your Win2K servers -- and follow the rules and procedures it teaches you.
Author "Anonymous" identifies five key factors that make Windows 2000 vulnerable: the human factor (neither users nor sysadmins are perfect); Windows 2000's attempt to be all things to all people; Win2K's scattered and inadequate monitoring tools; its enormity and complexity; and the relative insecurity of "out-of-the-box" installations. This book addresses all five.
It offers the best coverage we've seen on installing Windows 2000 for maximum security. "Anonymous" lists nine questions you need to answer before you break the shrink wrap; then points out some not-so-obvious pitfalls. (Giving your server an obvious name, such as WEBSERVER, gives intruders a head start.) On the companion web site, the author provides an unattended install script that excludes most Win2K features that cause security holes. (The rest you'll have to eliminate or secure manually. "Anonymous" shows you how.)
This book covers the waterfront. There's detailed coverage of password security (it's stronger, but any backward-compatible LAN Manager passwords are still plenty vulnerable); and Windows 2000 services (they have system privileges, and if a hacker can find a way to exploit one, he can often gain the same privileges). There are chapters on trojans and backdoors; security policy and configuration; and Active Directory. There are more than 150 pages on exploiting and protecting Web and other Internet services. And there's a full section on encryption. (Sure, you're encrypting the folder containing those secret corporate takeover plans -- but are you encrypting the folder in the place where Microsoft Word places all the temporary files it's creating as you're scheming? Hmmm...)
This book is the real deal. If you're responsible for a Windows 2000 server, you must know this stuff. (Bill Camarda)
Bill Camarda is a consultant, writer, and web/multimedia content developer with nearly 20 years' experience in helping technology companies deploy and market advanced software, computing, and networking products and services. He served for nearly ten years as vice president of a New Jersey–based marketing company, where he supervised a wide range of graphics and web design projects. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks For Dummies®, Second Edition.

bn.com

Maximum Windows 2000 Security

Maximum Windows 2000 Security

Paperback

Paperback

Related collections and offers

Overview

Product Details

About the Author

Table of Contents

Customer Reviews

Related collections and offers

Overview

Product Details

About the Author

Table of Contents

Related Subjects

Customer Reviews