Securing Windows NT/2000 Servers for the Internet

Whilst Windows NT and 2000 systems have emerged as viable platforms for Internet servers, securing Windows for Internet use is a complex task. This guide simplifies the task by paring down installation and configuration instructions into a series of security checklists.

---

Windows NT and Windows 2000 systems have emerged as viable platforms for Internet servers. More and more organizations entrust the full spectrum of business activities - including e-commerce - to Windows. Unfortunately, the typical Windows NT/2000 installation makes a Windows server an easy target for attacks, and configuring Windows for secure Internet use is a complex task. "Securing Windows NT/2000 Servers for the Internet" suggests a two-part strategy to accomplish the task: "Hardening" any Windows server that could potentially be exposed to attacks from the Internet, so the exposed system (known as a "bastion host") is as secure as it can be; and providing extra security protection for exposed systems by installing an additional network (known as a "perimeter network") that separates the Internet from an organization's internal networks. The text provides a guide that pares down installation and configuration instructions into a series of checklists aimed at Windows administrators.
Topics include: introduction - Windows NT/2000 security threats, architecture of the Windows NT/2000 operating system and typical perimeter networks; how to build a Windows NT bastion host; configuring Windows and network services, encrypting the password database, editing the registry, setting system policy characteristics, performing TCP/IP configuration, configuring administrative tools, and setting necessary permissions; differences between Windows NT and Windows 2000 security including IPSec (IP Security Protocol) configuration.; secure remote administration - SSH, OpenSSH, TCP Wrappers, the Virtual Network Console, and the new Windows 2000 Terminal Services; and Windows NT/2000 backup, recovery, auditing, and monitoring - event logs, the audit policy, time synchronization with NTP (Network Time Protocol), remote logging, integrity checking, and intrusion detection.