Have You Locked the Castle Gate? Home and Small Business Computer Security

Brian Shea is currently the team lead for a Windows security team at one of the nation's largest financial institutions. His duties include securing the bank's Windows systems and helping home users who dial in to secure their own systems. During his ten years in the computer security field, he has written everything from security programs to white papers for management and nontechnical staff. Brian lives near Seattle with his wife and daughter. When not working, he can often be found enjoying the great outdoors in the Pacific Northwest. 020171955XAB04092002

Introduction: Installing Locks in the Global Village.


Introduction.



Who Needs to Read This Book?



Why the Homestead Example?



Is the Example Important?



Introduction to the Homestead.



Is Your House Locked at Night?



What's Important Here?



Sidebar: Key Security Concepts.



Starting Out.



Important Assumptions.



It's Your Data.



Where to Look First.



How Secure Is Your System Out of the Box?



1. Assessing Risk.


Data Classification.



What Am I Protecting?



Is It Worth Protecting?



Who Am I Protecting Against?



Sidebar: Who Are They?



Risk Assessment Checklists.



2. General Network Security.


Security In-Depth, or Layered Security.



Grant All versus Deny All.



Encryption or Clear.



Sidebar: Determining “Strong Enough” and Moore's Law.



Defining Access and Rights.



Users and Their Roles.



Sidebar: Who Is the Boss? Granting Administrator Privileges.



Grouping Users.



Providing File and Directory Access.



Granting Privileges.



Sidebar: Domain versus Workgroup.



Denying Access.



Sharing Files.



Data Backups.



Selecting a Network Security Model Checklist.



3. Securing Your Computer.


Securing Your Windows System.



Sidebar: Service Packs and Hotfixes.



Sidebar: What Is the Registry?



Sidebar: Security Configuration Editor.



4. Securing Your Servers.


Why Servers Are Different.



Where to Start on Your Server Security.



Sidebar: The OSI Model.



Securing Windows NT Servers.



Sidebar: Why Protect Your Performance Data?



Sidebar: Resource Kit, MSDN, and TechNet.



Securing Windows 2000 Servers.



Server Security Checklist.



5. Connecting to the Internet.


Types of Connections.



Sidebar: Why Should You Worry?



Basic Internet Security.



Advanced Internet Security.



Sidebar: More About Encryption.



Who Is Watching You?



Privacy Issues.



Internet Security Checklist.



6. E-mail Security.


Why E-mail Is Cool.



How E-mail Works.



Security Issues with E-mail Systems.



Sidebar: Encryption in E-mail.



Sidebar: What Makes It Junk Mail?



Getting Off E-mail Lists.



E-mail Security Checklists.



7. Web Security.


What Is the World Wide Web, Really?



What They Know About You.



Cookies and Security.



Browser Security: Why Is It So Important?



Sidebar: “Sandboxes”.



Web Page Security.



E-commerce Security Issues.



Web Security Checklist.



8. Defending Against Hackers.


The Extent of the Problem.



Sidebar: Signs of a Social Engineering Attack.



Can Anyone Help?



9. Viruses, Trojan Horses, Hoaxes.


Computer Viruses and Trojan Horses.



Sidebar: Nimda, Code Red, and I Love You.



Why Should I Care?



Defending Against Threats.



Hoaxes and Why They're a Problem.



Sidebar: Crying Wolf or Real Threat?



Active Content on the Web.



Virus and Trojan Horse Security Checklist.



Appendix A. Additional Resources.


Where Can I Learn More?



Mailing Lists.



Web and FTP Sites.



Computers Incident Response Centers.



Antivirus Software.



Antivirus Resources.



Appendix B. Glossary of Security Terms and Acronyms.


Common Acronyms.



Common Security Terms.



Bibliography.


Index. 020171955XT04092002