بیشترلیست موضوعاتWindows Server 2003 Security: A Technical ReferenceBy
Table of Contents
| IndexIf you''''re a working Windows administrator, security is your #1
challenge. Now there''''s a single-source reference you can rely on
for authoritative, independent help with every Windows Server
security feature, tool, and option: Windows Server 2003
SecurityRenowned Windows security expert Roberta Bragg has brought
together information that was formerly scattered through dozens of
books and hundreds of online sources. She goes beyond facts and
procedures, sharing powerful insights drawn from decades in IT
administration and security. You''''ll find expert implementation tips
and realistic best practices for every Windows environment, from
workgroup servers to global domain architectures. Learn how to:
Reflect the core principles of information security throughout
your plans and processes
Establish effective authentication and passwords
Restrict access to servers, application software, and
data
Make the most of the Encrypting File System (EFS)
Use Active Directory''''s security features and secure Active
Directory itself
Develop, implement, and troubleshoot group policies
Deploy a secure Public Key Infrastructure (PKI)
Secure remote access using VPNs via IPSec, SSL, SMB
signing,
LDAP signing, and more
Audit and monitor your systems, detect intrusions, and respond
appropriately
Maintain security and protect business continuity on an ongoing
basis"Once again, Roberta Bragg proves why she is a leading authority
in the security field! It''''s clear that Roberta has had a great deal
of experience in real-world security design and implementation. I''''m
grateful that this book provides clarity on what is often a
baffling subject!"James I. Conrad, MCSE 2003, Server+, Certified Ethical
Hacker
James@accusource.net"Full of relevant and insightful information. Certain to be a
staple reference book for anyone dealing with Windows Server 2003
security. Roberta Bragg''''s Windows Server 2003 Security is a
MUST read for anyone administering Windows Server 2003."Philip Cox, Consultant, SystemExperts Corporation
phil.cox@systemexperts.com"Few people in the security world understand and appreciate
every aspect of network security like Roberta Bragg. She is as
formidable a security mind as I have ever met, and this is
augmented by her ability to communicate the concepts clearly,
concisely, and with a rapier wit. I have enjoyed working with
Roberta more than I have on any of the other 20 some odd books to
which I have contributed. She is a giant in the field of network
security."Bob Reinsch
bob.reinsch@fosstraining.com"Windows Server 2003 Security explains why you should do
things and then tells you how to do it! It is a comprehensive guide
to Windows security that provides the information you need to
secure your systems. Read it and apply the information."Richard Siddaway, MCSE
rsiddaw@hotmail.com"Ms. Bragg''''s latest book is both easy to read and technically
accurate. It will be a valuable resource for network administrators
and anyone else dealing with Windows Server 2003 security."Michael VonTungeln, MCSE, CTT
mvontung@yahoo.com"I subscribe to a number of newsletters that Roberta Bragg
writes and I have ''''always'''' found her writing to be perfectly
focused on issues I ''''need'''' to know in my workplace when dealing
with my users. Her concise writing style and simple solutions bring
me back to her columns time after time. When I heard she had
written a guide on Windows 2003 security, I ''''had'''' to have it.Following her guidance on deployment, her advice on avoiding
common pitfalls, and her easy to follow guidelines on how to lock
down my network and user environments (those darned users!) has me
(and my clients) much more comfortable with our Win2k3 Server
deployments. From AD to GPO''''s to EFS, this book covers it all."Robert Laposta, MCP, MCSA, MCSE, Io Network Services, Sierra
Vista
AZrob.laposta@cox.net"Roberta Bragg has developed a ''''must have'''' manual for
administrators who manage Microsoft Windows 2003 servers in their
organizations. The best practices for strengthening security
controls are well organized with practical examples shared
throughout the book. If you work with Windows 2003, you need this
great resource."Harry L. Waldron, CPCU, CCP, AAI, Microsoft MVP - Windows
Security Information Technology Consultant
harrywaldronmvp@yahoo.com"Roberta Bragg''''s Windows Server 2003 Security offers more
than just lucid coverage of how things work, but also offers sound
advice on how to make them work better."Chris Quirk; MVP Windows shell/user
cquirke@mvps.org"This book is an invaluable resource for anyone concerned about
the security of Windows Server 2003. Despite the amount and
complexity of the material presented, Roberta delivers very
readable and clear coverage on most of the security-related aspects
of Microsoft''''s flagship operative system. Highly recommended
reading!"Valery Pryamikov, Security MVP, Harper Security Consulting
valery.pryamikov@harper.no"As long as you have something to do with Windows 2003, I have
four words for you: ''''Order your copy now.''''"Bernard Cheah, Microsoft IIS MVP, Infra Architect, Intel
Corp.
bernard@mvps.org"Roberta Bragg has developed a ''''must have'''' manual for
administrators who manage Microsoft Windows 2003 servers in their
organizations. The best practices for strengthening security
controls are well organized, with practical examples shared
throughout the book. If you work with Windows 2003, you need this
great resource."Harry L. Waldron
CPCU, CCP, AAI Microsoft MVPWindows Security Information
Technology Consultant
توضیحاتافزودن یادداشت جدید
Chapter 2. Authentication: Proof of Identity
The most important thing that you can do to manage information access is to require that those who want to access information provide proof of identity. If you require all potential users of your information system resources to authenticate themselves, that is, to prove they are who they say they are, then you can restrict system and resource access to approved identities. Authentication can be a precursor to authorization and accountability. Authorization determines the type of access the authenticated users are allowed and the rights they have on the system. Accountability is the ability to determine who did what. It is based on your ability to record the systems and resources that users have accessed and the things they have done while connected to these resources. Requiring authentication facilitates both authorization and accountability. However, if you know nothing about processing credentials and verifying identities, and if you do not harden and manage these processes, you can support neither authorization nor accountability. You may as well have required no proof of identity at all. The content in this chapter will provide the knowledge and best practices you need to successfully harden authentication.The process of authentication is familiar to most people. In the real world, we are often required to authenticate ourselves. We present a driver's license before we can board a plane, a passport before we can enter a different country, or a company ID to enter business offices. These documents are validated, in many cases, by the simple process of comparing the picture on the document with the person presenting it, and comparing the features of the credentials (official stamps, seals, and signatures) with those we know to be valid. In legacy versions of the Windows operation system, authentication is optional. However, authentication is required to access Windows systems based on Windows NT technologies (Windows NT 4.0, Windows 2000, Windows XP Professional, and Windows Server 2003). Authentication occurs when each user logs on, and again when that user attempts to access resources such as files, remote computers, printers, and so forth. The credentials required consist of a valid account and some factor such as password, biometric, token, or certificate. The process used to authenticate the user will vary depending on the specific authentication algorithm used and how it is configured. An important part of authentication management is knowing what's possible, what's practical, and what's allowed and then knowing how to use that information to make your systems as secure as they can be.TIP: Monitor Security Logs During Times of NormalityFailed logons and other authentication anomalies may be user errors, improper system configurations, or network problems, or they may be indications of an attack. If you monitor the authentication process and learn to determine the cause of errors, you will be able to better respondwhatever the real cause.
Stop! Think Before Changing the Authentication Process
Before you make changes to your authentication process, such as modifying the password policy, configuring authentication protocols, or hardening authentication process-related settings, you must evaluate the impact of these changes, and you must review your organization's security policy for the appropriateness of the change. Your security implementation decision should always be based on fulfilling the organization's security policy. Not only is this a standard that governs your actions, but changing authentication requirements or processes also can inadvertently damage your organization by making it impossible for people to do their jobs. Users can find themselves unable to log on, processes may halt, resources can become inaccessible, and actual work can be reduced to a trickle.authentication algorithms and their configurationState best practices for authentication management This chapter will not provide the details of the remote or web authentication process; these will be detailed in Chapter 14, "Securing Remote Access." Nor will it describe Group Policy processing. You will find additional information on Group Policy and the management of authentication in a Windows domain in Chapter 7, "Active Directory's Role in Domain Security." Information on auditing authentication is detailed in Chapter 19, "Monitoring and Assessment."