Windows Server 2003 Security: A Technical ReferenceBy
Table of Contents
| Index
If you''''re a working Windows administrator, security is your #1
challenge. Now there''''s a single-source reference you can rely on
for authoritative, independent help with every Windows Server
security feature, tool, and option: Windows Server 2003
SecurityRenowned Windows security expert Roberta Bragg has brought
together information that was formerly scattered through dozens of
books and hundreds of online sources. She goes beyond facts and
procedures, sharing powerful insights drawn from decades in IT
administration and security. You''''ll find expert implementation tips
and realistic best practices for every Windows environment, from
workgroup servers to global domain architectures. Learn how to:
Reflect the core principles of information security throughout
your plans and processes
Establish effective authentication and passwords
Restrict access to servers, application software, and
data
Make the most of the Encrypting File System (EFS)
Use Active Directory''''s security features and secure Active
Directory itself
Develop, implement, and troubleshoot group policies
Deploy a secure Public Key Infrastructure (PKI)
Secure remote access using VPNs via IPSec, SSL, SMB
signing,
LDAP signing, and more
Audit and monitor your systems, detect intrusions, and respond
appropriately
Maintain security and protect business continuity on an ongoing
basis"Once again, Roberta Bragg proves why she is a leading authority
in the security field! It''''s clear that Roberta has had a great deal
of experience in real-world security design and implementation. I''''m
grateful that this book provides clarity on what is often a
baffling subject!"James I. Conrad, MCSE 2003, Server+, Certified Ethical
Hacker
James@accusource.net"Full of relevant and insightful information. Certain to be a
staple reference book for anyone dealing with Windows Server 2003
security. Roberta Bragg''''s Windows Server 2003 Security is a
MUST read for anyone administering Windows Server 2003."Philip Cox, Consultant, SystemExperts Corporation
phil.cox@systemexperts.com"Few people in the security world understand and appreciate
every aspect of network security like Roberta Bragg. She is as
formidable a security mind as I have ever met, and this is
augmented by her ability to communicate the concepts clearly,
concisely, and with a rapier wit. I have enjoyed working with
Roberta more than I have on any of the other 20 some odd books to
which I have contributed. She is a giant in the field of network
security."Bob Reinsch
bob.reinsch@fosstraining.com"Windows Server 2003 Security explains why you should do
things and then tells you how to do it! It is a comprehensive guide
to Windows security that provides the information you need to
secure your systems. Read it and apply the information."Richard Siddaway, MCSE
rsiddaw@hotmail.com"Ms. Bragg''''s latest book is both easy to read and technically
accurate. It will be a valuable resource for network administrators
and anyone else dealing with Windows Server 2003 security."Michael VonTungeln, MCSE, CTT
mvontung@yahoo.com"I subscribe to a number of newsletters that Roberta Bragg
writes and I have ''''always'''' found her writing to be perfectly
focused on issues I ''''need'''' to know in my workplace when dealing
with my users. Her concise writing style and simple solutions bring
me back to her columns time after time. When I heard she had
written a guide on Windows 2003 security, I ''''had'''' to have it.Following her guidance on deployment, her advice on avoiding
common pitfalls, and her easy to follow guidelines on how to lock
down my network and user environments (those darned users!) has me
(and my clients) much more comfortable with our Win2k3 Server
deployments. From AD to GPO''''s to EFS, this book covers it all."Robert Laposta, MCP, MCSA, MCSE, Io Network Services, Sierra
Vista
AZrob.laposta@cox.net"Roberta Bragg has developed a ''''must have'''' manual for
administrators who manage Microsoft Windows 2003 servers in their
organizations. The best practices for strengthening security
controls are well organized with practical examples shared
throughout the book. If you work with Windows 2003, you need this
great resource."Harry L. Waldron, CPCU, CCP, AAI, Microsoft MVP - Windows
Security Information Technology Consultant
harrywaldronmvp@yahoo.com"Roberta Bragg''''s Windows Server 2003 Security offers more
than just lucid coverage of how things work, but also offers sound
advice on how to make them work better."Chris Quirk; MVP Windows shell/user
cquirke@mvps.org"This book is an invaluable resource for anyone concerned about
the security of Windows Server 2003. Despite the amount and
complexity of the material presented, Roberta delivers very
readable and clear coverage on most of the security-related aspects
of Microsoft''''s flagship operative system. Highly recommended
reading!"Valery Pryamikov, Security MVP, Harper Security Consulting
valery.pryamikov@harper.no"As long as you have something to do with Windows 2003, I have
four words for you: ''''Order your copy now.''''"Bernard Cheah, Microsoft IIS MVP, Infra Architect, Intel
Corp.
bernard@mvps.org"Roberta Bragg has developed a ''''must have'''' manual for
administrators who manage Microsoft Windows 2003 servers in their
organizations. The best practices for strengthening security
controls are well organized, with practical examples shared
throughout the book. If you work with Windows 2003, you need this
great resource."Harry L. Waldron
CPCU, CCP, AAI Microsoft MVPWindows Security Information
Technology Consultant
What's Inside and What's NotInformation security is not a new field. What is new is the requirement that every information technology worker emerges from being security-challenged to being security-conscious. Those who are responsible for any facet of production networks have a higher calling. They must not only be aware, but they also must be proactive. They cannot afford to merely react to the latest Internet threat. They must apply the principles of information security through their network. This book can help them.Chapter 1, "Principles of Information Security," defines these principles and relates them to the content of each chapter. Each chapter deals with a specific Windows Server 2003 security topic and provides both information and instructions for securing the server and for using its security technologies to provide protection for the network. Topics include authentication, user rights and permissions, Software Restriction Policies, Authorization Manager, NTFS, the Encrypting File System (EFS), WebDAV, changes in security technologies introduced with Active Directory, securing Active Directory, trusts in an Active Directory forest between domains in different forests and between forests, Public Key Infrastructure (PKI), using Routing and Remote Access and RADIUS, IPSec and PPTP, SMB signing, a role-based approach to server security, auditing monitoring, and maintenance.This book often provides a unique approach to its subject. It explains not just how to use the technology but when and why and how to use security technologies in a secure manner. An example of this approach is the two chapters on PKI. The first chapter explains the technology and details what must be done to ensure that this key security technology does increase security and not just provide a false sense of security. The second chapter details precisely how to do this. It provides the implementation details of securely implementing a two-tier Certification Authority (CA) hierarchy, including an offline root CA. This chapter is also an example of the type of value added by this bookit's rare to find a thoughtful security approach to a security technology, and it's even rarer to find such a step-by-step detail all in one document.While the book starts with basic security information relative to Windows Server 2003 in a workgroup or domain environment, progresses to security in an Active Directory network, and finishes by explaining the details of advanced Windows-based security technologies, an advanced reader can also benefit by jumping right to the material relevant to a specific problem or a current desire for knowledge. This is because with some exceptions, chapters are based on technical issues rather than technologies. Chapters are therefore often focused around topics such as "Securing Remote Access" (RRAS, VPNs, Internet Information Server), "Securing Data in Flight" (IPSec, PPTP), "Controlling Access to Data" (NTFS, EFS, protecting shares, using WebDAV), "Authorization: Limiting System Access and Controlling User Behavior" (user rights and permissions), or "Restricting Access to Software, Restricting Software's Access to Resources" (Software Restriction Policies, Authorization Manager).This book cannot be your only source for Windows security information. It does not, for example, provide information on securing other versions of Windows. While much of the information on Windows Server 2003 is relevant to the security of earlier versions and will be relevant to future versions, much is unique to Windows Server 2003. You also won't find everything you need to know about securing IIS or securing Windows applications. It is not a book on secure programming, and it does not seek to train you in computer forensics. These topics require book-length discussions of their own. It would be presumptuous to attempt to deliver them along with everything else.This is also not a sexy book. You won't find cool hacker tricks within or justification for using a security technology based on some exploit that works if you don't utilize the hardening technique. There are far too many "I can hack into your network and here is how to stop me" security books. You should not be relying primarily on securing your network against attacks that are so well known that they are published in a book. Instead, you should be applying the knowledge that not only works against multiple current attacks, but that also may quite possibly secure networks against exploits not yet designed. |
لطفا منتظر باشید ...
