Windows Server Hack [Electronic resources] (text version)


Mitch Tulloch


Hack 58 Hide the Metabase

Protect the metabase on your critical web
servers by hiding its name and location from attackers.

Good security begins with pretty obvious things, such as renaming the
default administrator account and assigning it a strong password. The
same is true for the metabase, the database used by IIS to store its
configuration information. In Windows 2000, the metabase file is
metabase.bin and is located in the
%SystemRoot%\System32\inetsrv directory. By
changing both the name and location of the metabase, you can hide it
from malicious hackers, making it harder for them to corrupt the
configuration of your web servers.

Changing the name of the metabase first involves stopping the IIS
Admin Service. This can be done either from the GUI, by using
Internet Services Manager (right-click on the server node and select
Restart IIS), or by typing net stop iisadmin /y at
the command line. Once IIS is stopped, make a copy of
metabase.bin before you proceed, just in case
something goes wrong, and store this copy offline on a network share
or floppy. Then, move metabase.bin to a new
folder on your server, making sure the NTFS permissions on the folder
include Full Control for the built-in SYSTEM
identity and the built-in Administrators local
group on the machine. IIS requires these permissions to load the
metabase into memory and modify its contents when you change your IIS
configuration, and you, as administrator, require these permissions
to access the metabase later, if necessary. Rename the
metabase.bin file to something different and
give it a unique file extension, something like
ab345mn7.pqr, for example.

Now, open Registry Editor
(Start -> Run -> regedit)
and find the HKLM\SOFTWARE\Microsoft\InetMgr\Parameters
key. Add a new value to this key by right-clicking on
Parameters and selecting
New -> String Value. Type
MetadataFile for the value name and leave the data
type as REG_SZ. Double-click on the value and
change the value data to the full path to where
ab345mn7.pqr (or whatever
you've called it) is located, as shown in Figure 6-7. Be sure to include the drive letter in your
path.


Figure 6-7. Hiding the name and location of the metabase


Now, start the IIS services by typing iisreset /start
at the command line. Open Internet Services Manager
and verify that you can modify the configuration and save changes
successfully. Your metabase is now hidden from
attackers, making your web server more secure.

Open Windows Explorer and find your
%SystemRoot%\System32\inetsrv folder again.
Surprise! There's a file named
metabase.bin in this directory again. For some
reason, when you delete or move this file and restart IIS services,
Windows automatically creates a new metabase.bin
file in the inetsrv directory. But if
you click on this file, you'll see that
it's only 610 bytes in size; it's
not a working metabase. In fact, go ahead and delete this
file (you don't have to stop the IIS Admin
Services to do so) and it shouldn't appear
again, even if you restart IIS again.
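
The steps above collected into one batch file for IIS 5 on Windows 2000, as an added example that is not from the book. NEWDIR, NEWNAME and BACKUP are constructed placeholders, and the script assumes reg.exe is installed (the book performs the Registry step in Registry Editor).

```bat
@echo off
rem Added example, not from the book: the IIS 5 / Windows 2000 steps above.
rem NEWDIR, NEWNAME and BACKUP are constructed placeholders; use your own.
setlocal
set OLD=%SystemRoot%\System32\inetsrv\metabase.bin
set NEWDIR=D:\cfgdata
set NEWNAME=ab345mn7.pqr
set BACKUP=\\backupsrv\iisconfig
set KEY=HKLM\SOFTWARE\Microsoft\InetMgr\Parameters

rem Stop the IIS Admin Service and everything that depends on it.
net stop iisadmin /y

rem Safety copy first; stop here if it cannot be written.
copy "%OLD%" "%BACKUP%\metabase.bin" || goto fail

rem New folder: add Full Control for SYSTEM and Administrators (/E edits
rem the existing ACL instead of replacing it).
if not exist "%NEWDIR%" mkdir "%NEWDIR%"
cacls "%NEWDIR%" /E /G SYSTEM:F Administrators:F

rem Move and rename in one step.
move "%OLD%" "%NEWDIR%\%NEWNAME%" || goto fail

rem Point IIS at the new file (assumption: reg.exe is available).
reg add "%KEY%" /v MetadataFile /t REG_SZ /d "%NEWDIR%\%NEWNAME%" /f
if errorlevel 1 goto rollback

iisreset /start

rem Report what IIS will load and whether a stub metabase.bin reappeared.
reg query "%KEY%" /v MetadataFile
for %%F in ("%OLD%") do if exist %%F echo Stub found: %%F, %%~zF bytes
goto :eof

:rollback
rem Registry not updated: put the file back where IIS expects it.
move "%NEWDIR%\%NEWNAME%" "%OLD%"
:fail
echo Step failed; restarting IIS with the current configuration.
iisreset /start
exit /b 1
```

The new path is stored in plain text in the MetadataFile value, so the NTFS permissions on the folder, not the file name, are what restrict access to the relocated metabase.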

The metabase is hidden now, but what about backups of the metabase?
[Hack #54] showed how to back up
the metabase in order to prevent making configuration errors on your
IIS machine. If you've saved the configuration of
your IIS machine, copies of your metabase can be found in
%SystemRoot%\System32\inetsrv\MetaBack.
Unfortunately, there's no way to change the location
where metabase backups are stored, so the best thing to do might be
to copy these backups to a network share and then delete them from
the web server itself. That way, there's only one
copy of the metabase on your server, one that's
hidden and has a different name than
metabase.bin.

What about IIS 6? Unfortunately, on Windows Server 2003, creating a
HKLM\SOFTWARE\Microsoft\InetMgr\Parameters\MetadataFile
Registry key has no effect, so this method doesn't
work. But IIS 6 is inherently more secure than IIS 5 for a number of
reasons. Because you can encrypt metabase backups to prevent them
from being misused, it's probably not that important
that you can't hide the metabase on that platform.

