Windows NT/2000 Network Security
Sams Publishing (Verlag)
978-1-57870-253-4 (ISBN)
- Titel ist leider vergriffen;
keine Neuauflage - Artikel merken
This book is intended primarily for LAN administrators, system programmers, information security staff, and advanced users. Although the main focus of the book will be technical, many facets of Windows NT security involve practicing sound control procedures. As such, much of the book¿s discussion will be pertinent to all three groups. Windows NT/2000 Network Security will also thoroughly cover security-relevant technical issues such as controlling services protocols like Web-services and SMB. The book will be carefully sequenced to delve into technical issues increasingly with each chapter, so that the last half of the book will be more relevant to LAN administrators and system programmers than anyone else – whereas the first half will be equally pertinent to all groups.
Eugene Schultz, Ph.D., CISSP, is the Research Director and Trusted Security Advisor for Global Integrity Corporation (an SAIC Company) and is also an adjunct professor at Purdue University. Prior to joining Global Integrity, Dr. Schultz was Principal Consultant at SRI Consulting. An expert in NT, Unix, LAN, network security, and security administration and management, Dr. Schultz has co-authored several books and published over 80 journal articles. He is Editor of Information Security Bulletin and a consulting editor of Network Security. He was voted one of the Top Presenters at the SANS Conferences, was co-recipient of the Best Paper Award at the 1995 National Information Systems Security Conference, and received the Information Systems Security Association (ISSA) Professional Contribution Award in 1998. Dr. Schultz is also the founder and former manager of the Computer Incident Advisory Capability (CIAC) for the U.S. Department of Energy. He has provided expert testimony in the U.S. Senate and House of Representatives.
1. Introduction and Overview.
Overview of Windows NT. Types of Windows NT Products. Functionality Versus Security. About Information Security. The Insider Versus Outsider Threat. The Current Picture for Windows. A Look at What's New in Windows 2000. Conclusion.
2. The Structure of Windows NT Security.
Architecture. The Windows NT Security Model. Types of Security Features. Privilege Structure. Object Access Authorization Architecture. How Secure Is Windows NT? Security Policy and Technology Standards: What Difference Do They Make? Conclusion.
3. The Windows NT Network Environment.
Types of Network Implementations. Some Basic Terminology. Major Network Components. Network Layouts. Local Versus Wide Area Networking. The OSI Model. Services and Protocols. NetBIOS and SMB-Based Networking in Windows. Null Sessions. NetBIOS and SMB-Based Vulnerabilities. Conclusion.
4. Basic Windows NT Security Exposures.
Types of Generic Security Exposures. Specific Windows NT Vulnerabilities. Password-Based Attacks. Conclusion.
5. Configuring Windows NT Server for Security.
Security Considerations During Windows NT Installation. Securing Critical Directories. Is Everyone a Suitable Group for Universal Access in Windows NT? Achieving Privilege Control. Securing Accounts and Groups. Securing the Registry. Setting Account Policy and User Properties Parameters. Enabling Auditing. Installing Antivirus Software. Conclusion.
6. Maintaining Windows NT Security.
Securing Administrative Shares. Securing Other Shares. Securing Trust Relationships. Making Backups. Integrity Checking. Installing Service Packs (SPs) and Hot Fixes. Useful Registry Changes. Alerts. Fault Tolerance. Conclusion.
7. Basic Network Security Measures.
Windows NT's Strengths and Weaknesses in Network Security. Deploying Windows NT Properly. Firewall Solutions. Architectural Solutions. System-Based Network Security Measures. Monitoring and Intrusion Detection. Securing Interoperability Programs. Secure System Administration Methods. Conclusion.
8. Securing Network Services and Protocols.
Securing Web Services. Securing FTP. Network News Transfer Protocol Services. Simple Network Management Protocol. Dynamic Host Configuration Protocol. Windows Internet Name Service. Domain Name Service. Remote Access Service. Conclusion.
9. Virtual Private Networks.
What Are VPNs? Microsoft Built-In VPN: Point-to-Point Tunneling Protocol. Configuring PPTP. Configuring PPTP on the Client. Non-Microsoft PPTP Solutions. Conclusion.
10. Workstation Security.
Viruses. Executable Content Languages. Workstation Considerations in Domain Security. Conclusion.
11. Security Considerations for Windows 2000.
About Windows 2000. Security Architecture. Vulnerabilities in Windows 2000-Already! Active Directory. Kerberos. Delegation. Trust. Authentication. Authorization. NTFS-5. Encrypted File System. IPSec. Smart Card Support. Basic Security Model. Recommendations. Managing Delegation. Conclusion.
Appendix A. Port-Assignment Conventions.
Appendix B. RFCs Supported by the Windows NT Implementation of TCP/IP.
Appendix C. Significant Security-Related Features of Service Packs 3-6a for Windows NT 4.0.
Appendix D. Useful Security-Related Tools from the Windows NT 4.0 Resource Kit.
Appendix E. A Script for Securing Windows NT Systems.
Appendix F. Manual Clean-Up Procedures for Tightening Security after Script Execution.
Index.
| Erscheint lt. Verlag | 9.8.2000 |
|---|---|
| Verlagsort | Indianapolis |
| Sprache | englisch |
| Gewicht | 608 g |
| Themenwelt | Informatik ► Betriebssysteme / Server ► Windows |
| Informatik ► Betriebssysteme / Server ► Windows Server | |
| Informatik ► Netzwerke ► Sicherheit / Firewall | |
| ISBN-10 | 1-57870-253-4 / 1578702534 |
| ISBN-13 | 978-1-57870-253-4 / 9781578702534 |
| Zustand | Neuware |
| Haben Sie eine Frage zum Produkt? |
aus dem Bereich
