Używamy cookies, aby ułatwić korzystanie z Portalu. Możesz określić warunki przechowywania, dostępu do plików cookies w Twojej przeglądarce. Dowiedz się więcej.
strona główna Strona główna | Nowości | Promocje | Zapowiedzi Twoje konto | Zarejestruj | Schowek | Kontakt | Pomoc
mapa działów
Szukaj: szukanie zaawansowane
Książki \ Servery \ Windows Server

Windows Server 2003 Security Cookbook Język: 2


Cena Brutto: 205.80

Cena netto: 196.00

Wersja: Drukowana
Autor Robbie Allen
Liczba_stron 528
Wydawnictwo OReilly Media
Data_Wydania 2005-12-16
Poziom All Levels

Informacje podstawowe:

  • Wydawnictwo: O'Reilly Media
  • Data wydania: 16 grudnia 2005
  • Liczba stron: 528
  • Autor/autorzy:
    • Mike Danseglio
    • Robbie Allen


In the last few years, security has become a hot-button issue for IT organizations of all sizes. Accordingly, many of the security features that were either optional or suspect in Windows 2000 have become solid, effective fixtures in Windows Server 2003-making it the most secure operating system Microsoft has ever produced. That is, if you know how to configure it properly.

The Windows Server 2003 Security Cookbook wants to make sure that you do know how. Picking up right where its predecessor, the Windows Server Cookbook, left off, this desktop companion is focused solely on Windows Server security. It teaches you how to perform important security tasks in the Windows Server 2003 OS using specific and adaptable recipes. Each recipe features a brief description of the problem, a step-by-step solution, and then a discussion of the technology at work. Whenever possible, the authors even tell you where to look for further information on a recipe.

The book is written in a highly modular format, with each chapter devoted to one or more technologies that Windows Server 2003 provides. This approach allows you to look up a task or scenario that you want to accomplish, find that page, and read that particular recipe only. Topics include:

  • System preparation and administration
  • Protecting the computer at the TCP/IP level
  • Applying security options to Active Directory
  • Improving security on domain controllers
  • Securing DHCP controllers
  • Encrypting and signing network traffic using IPSec
  • Patch management

If you're an intermediate or advanced system administrator who wants to feel secure when deploying Windows Server 2003 and its related services, then you don't want to be without the Windows Server 2003 Security Cookbook.

O autorze/autorach:

Mike Danseglio

Mike Danseglio is a program manager in the Security Solutions group at Microsoft Corporation, and has worked in the areas of security and technology for the last decade. He holds several technical certifications including MCSE and CISSP. Mike's work includes developing and teaching extensive security training on topics such as cryptography, security technology, and attacks and countermeasures. Among his recent projects are writing security documentation for Windows XP and the Windows Server 2003 family, as well as working on a host of white papers and articles. Mike also works on security feature development for Microsoft Windows.

View Mike Danseglio's full profile page.

Robbie Allen

Robbie Allen is a Technical Leader at Cisco Systems where he has been involved in the deployment of Active Directory, DNS, DHCP, and several Network Management solutions. He enjoys working on Unix and Windows, and his favorite programming language is Perl. Robbie was named a Windows Server MVP in 2004 and 2005 for his contributions to the Windows community and publication of several popular O'Reilly books. Robbie is currently studying at MIT in the System Design and Management program.

View Robbie Allen's full profile page.

Zawartość (spis treści):

  1. Chapter 1 Getting Started

    1. What Is Security?
    2. Approach to the Book
    3. Where to Find the Tools
    4. Group Policy Notes
    5. Programming Notes
    6. Replaceable Text
    7. Reporting Security Issues to Microsoft
    8. Where to Find More Information
  2. Chapter 2 System Preparation and Administration

    1. Introduction
    2. Creating a Reference Installation
    3. Renaming the Domain Administrator Account
    4. Renaming the Local Administrator Accounts
    5. Disabling the Local Administrator Accounts
    6. Renaming the Guest Account
    7. Logging in as a Non-Administrator
    8. Configuring Internet Explorer Enhanced SecurityConfiguration
    9. Preventing Automatic Installation of New Hardware Drivers
    10. Protecting Against Modified Device Drivers
    11. Encrypting the SAM
    12. Locking the Console
    13. Enabling Screensaver Locking
  3. Chapter 3 TCP/IP

    1. Introduction
    2. Displaying the Status of TCP Ports
    3. Disabling NetBIOS over TCP/IP
    4. Disabling File and Print, Er Sharing for MicrosoftNetworks
    5. Enabling SYN Flood Protection
    6. Disabling Source Routing
    7. Disabling Router Discovery
    8. Configuring TCP/IP Filtering
    9. Enabling and Configuring Windows Firewall
  4. Chapter 4 Encrypting File System

    1. Introduction
    2. Enabling EFS Without a Recovery Agent
    3. Configuring a Recovery Agent
    4. Configuring Server-Based EFS
    5. Encrypting a File
    6. Encrypting a Folder
    7. Enabling EFS Context Menus
    8. Viewing Users and Recovery Agents
    9. Moving or Copying an Encrypted File or Folder
    10. Changing Encryption Algorithms
    11. Encrypting Offline Files
    12. Sharing Encrypted Files
    13. Backing Up EFS Keys
    14. Using a Recovery Agent
    15. Removing Unused Data
  5. Chapter 5 Active Directory

    1. Introduction
    2. Enabling SSL/TLS
    3. Encrypting LDAP Traffic with SSL or TLS; Digital Signing
    4. Using the Delegation of Control Wizard
    5. Customizing the Delegation of Control Wizard
    6. Using the Default ACL for an Objectclass
    7. Enabling List Object Access Mode
    8. Modifying the ACL on Administrator Accounts
    9. Viewing and Purging Your Kerberos Tickets
    10. Resetting the Directory Service Restore ModeAdministratorPassword
    11. Implementing Role-Based Access Control
    12. Displaying Delegated Rights
    13. Removing Delegated Rights
  6. Chapter 6 Group Policy

    1. Introduction
    2. Creating a GPO
    3. Copying a GPO
    4. Deleting a GPO
    5. Modifying the Settings of a GPO
    6. Creating a GPO Link to an OU
    7. Blocking Inheritance of GPOs on an OU
    8. Forcing a GPO Application
    9. Applying a Security Filter to a GPO
    10. Refreshing GPO Settings on a Computer
    11. Configuring the Group Policy Refresh Interval
    12. Installing Applications with a GPO
    13. Assigning Logon/Logoff and Startup/ShutdownScripts in aGPO
    14. Configuring Password Policies
    15. Configuring Account Lockout Policies
    16. Configuring Kerberos Policies
    17. Configuring User Rights Assignment
    18. Configuring Security Options
    19. Configuring Time Synchronization Settings
    20. Using Restricted Groups
    21. Configuring Service Parameters
    22. Configuring Registry Permissions
    23. Configuring File Permissions
  7. Chapter 7 Security Templates

    1. Introduction
    2. Using Default Security Templates
    3. Creating a Security Template
    4. Changing Account Policies
    5. Changing Local Policies
    6. Changing Event Log Settings
    7. Making Group Membership Changes
    8. Disabling Unwanted System Services
    9. Modifying Registry Permissions
    10. Modifying Filesystem Permissions
    11. Exporting Security Templates
    12. Importing Security Templates
    13. Verifying Template Application
    14. Analyzing a Security Configuration
    15. Testing Template Compatibility
  8. Chapter 8 Domain Controllers

    1. Introduction
    2. Disabling LM Hash Storage
    3. Removing Stored LM Hashes
    4. Requiring NTLM Authentication
    5. Using Syskey to Thwart Offline Attacks
    6. Signing LDAP Communications
    7. Hardening Domain Controllers with SecurityTemplates
  9. Chapter 9 User and Computer Accounts

    1. Introduction
    2. Enabling and Disabling a User
    3. Finding Disabled Users
    4. Unlocking a User
    5. Troubleshooting Account Lockout Problems
    6. Viewing and Modifying the Account Lockout andPasswordPolicies
    7. Setting a User's Account to Expire
    8. Setting a User's Password
    9. Forcing a User Password Change at Next Logon
    10. Preventing a User's Password from Expiring
    11. Setting a User's Account Options
    12. Finding a User's Last Logon Time
    13. Restricting a User's Logon Hours and Workstations
    14. Resetting a Computer Account
    15. Finding Inactive or Unused Computer Accounts
    16. Trusting a Computer Account for Delegation
  10. Chapter 10 Rights and Permissions

    1. Introduction
    2. Using Standard File Permissions
    3. Using Special File Permissions
    4. Determining File Permission Inheritance
    5. Using Deny Permission
    6. Determining Effective Permissions
    7. Determining File Ownership
    8. Modifying File Ownership
    9. Restoring Default Permissions
    10. Hardening Registry Permissions
    11. Restricting Remote Access to the Registry
  11. Chapter 11 Dynamic Host Configuration Protocol

    1. Introduction
    2. Authorizing a DHCP Server
    3. Detecting Rogue DHCP Servers
    4. Restricting DHCP Administrators
    5. Disabling NetBIOS over TCP/IP Name Resolution
    6. Enabling Dynamic DNS Updates from the DHCP Server
    7. Running DHCP Server on a Domain Controller
  12. Chapter 12 Domain Name System

    1. Introduction
    2. Securing DNS Using the Separate NamespacesApproach
    3. Securing DNS Using the Split-Brain Approach
    4. Restricting DNS Administration Using theDNSAdmins Group
    5. Hiding Your Internal IP Addressing Scheme
    6. Blocking Unwanted DNS Traffic Through aFirewall
    7. Restricting DNS Traffic Through a FirewallUsingForwarders
    8. Preventing DoS Attacks by Disabling Recursion
    9. Hardening DNS by Converting Standard Zones to Active DirectoryIntegrated
    10. Protecting DNS Zones by Requiring Only SecureDynamicUpdates
    11. Hardening DNS Clients by Requiring Them to UseSecure DynamicUpdates
    12. Protecting DNS Zones by Disabling DynamicUpdates
    13. Hardening DNS Clients by Preventing Them fromAttempting DynamicUpdates
    14. Preventing Unauthorized Zone Transfers
    15. Restricting Zone Transfers to Legitimate DNS Servers
    16. Preventing Cache Pollution on DNS Servers
    17. Monitoring Suspicious DNS Requests UsingDebug Logging
    18. Securing Resource Records When Usingthe DnsUpdateProxyGroup
    19. Preventing DNS Session Sniffing and Hijacking
  13. Chapter 13 File and Print Servers

    1. Introduction
    2. Creating a Hidden File Share
    3. Deleting a File Share
    4. Securing Shared Folders and Files
    5. Preventing Shared File Caching
    6. Determining Access Levels for a File Share
    7. Listing All File Shares
    8. Restricting Printing Permissions
    9. Hardening the Print Spooler
    10. Moving the Print Spool Folder
    11. Disabling Internet Printing
    12. Removing Internet Printing
  14. Chapter 14 IPsec

    1. Introduction
    2. Using a Default IPsec Policy
    3. Creating an IPsec Policy
    4. Creating a Blocking Rule
    5. Creating a Permit Rule
    6. Configuring IPsec Boot Mode
    7. Configuring Authentication Methods
    8. Configuring Connection Types
    9. Configuring Key Exchange
    10. Configuring Session Cryptography
    11. Configuring IP Filter Lists
    12. Configuring IP Filter Actions
    13. Configuring Security Methods
    14. Activating an IPsec Rule
    15. Deactivating an IPsec Rule
    16. Assigning and Unassigning IPsec Policies
    17. Viewing IPsec Statistics with System Monitor
    18. Verifying IPsec Traffic
    19. Using IPsec Monitor to Verify IPsec
    20. Troubleshooting IPsec Connections
  15. Chapter 15 Internet Information Services

    1. Introduction
    2. Configuring Listening Port
    3. Removing Unused Components
    4. Configuring HTTP Authentication
    5. Configuring FTP Authentication
    6. Changing the User Context for AnonymousAccess
    7. Disabling Anonymous Access
    8. Restricting Client Access by ACL
    9. Restricting Client Access by IP Address or DNSName
    10. Installing Server Certificates
    11. Enabling Secure Sockets Layer
    12. Enabling Client Certificate Authentication
    13. Requiring Client Certificate Authentication
    14. Configuring Trusted Certification Authorities
    15. Configuring One-to-One Client Certificate Mapping
    16. Configuring Many-to-One Client CertificateMapping
  16. Chapter 16 RRAS and IAS

    1. Introduction
    2. Configuring the Routing and Remote Access Server
    3. Allowing Authentication Protocols
    4. Requiring Smart Card Authentication
    5. Using Preshared Keys
    6. Configuring RRAS to Use IAS
    7. Installing Internet Authentication Service
    8. Configuring IAS Auditing
    9. Configuring Local IAS Logging
    10. Configuring SQL IAS Logging
    11. Creating a Remote Access Policy
    12. Configuring Connection Time
  17. Chapter 17 Terminal Services and Remote Desktop

    1. Introduction
    2. Choosing a Security Mode
    3. Configuring Session Encryption
    4. Limiting Client Sessions
    5. Requiring a Password for Connection
    6. Securing RPC Administration Traffic
    7. Allowing Silent Session Monitoring
    8. Monitoring Sessions
    9. Enabling Remote Desktop
    10. Configuring Access to Remote Desktop
  18. Chapter 18 Public Key Infrastructure and Certificates

    1. Introduction
    2. Installing an Offline Root CA
    3. Installing an Enterprise Subordinate CA
    4. Installing a Standalone Subordinate CA
    5. Publishing a CRL from an Online CA
    6. Publishing a CRL from an Offline CA
    7. Restricting Access to the CA
    8. Auditing CA Operations
    9. Configuring Certificate Templates
    10. Authorizing the CA to Issue Certificates
    11. Archiving Private Keys
    12. Sending Enrollment Notifications via Email
    13. Requesting Certificates Automatically
    14. Approving and Denying Certificate Requests
    15. Retrieving Issued Certificates
    16. Renewing Certificates
    17. Revoking Certificates
    18. Configuring a Trusted Certificate
    19. Identifying Local Certificates and Private Keys
    20. Backing Up Certificates and Private Keys
    21. Restoring Certificates and Private Keys
  19. Chapter 19 Auditing

    1. Introduction
    2. Auditing Account Logon Events
    3. Auditing Account Management Events
    4. Auditing Directory Service Events
    5. Auditing File Access
    6. Auditing File Share Configuration Events
    7. Auditing Web Server Access
    8. Auditing Policy Change Events
    9. Auditing Privilege Use Events
    10. Auditing Process Tracking Events
    11. Auditing System Events
    12. Shutting Down Windows When Unable to LogEvents
  20. Chapter 20 Event Logs

    1. Introduction
    2. Viewing Events
    3. Setting the Maximum Size of an Event Log
    4. Setting the Event Log Retention Policy
    5. Clearing the Events in an Event Log
    6. Restricting Access to an Event Log
    7. Searching the Event Logs on Multiple Servers
    8. Archiving an Event Log
    9. Finding More Information About an Event
    10. Triggering an Action when an Event Occurs
    11. Consolidating Event Logs
  21. Chapter 21 Patch Management

    1. Introduction
    2. Installing a Root Update Server
    3. Installing a Subordinate Update Server
    4. Installing a Nonstoring Update Server
    5. Installing an Update Server on a NondedicatedServer
    6. Configuring Computers to Use the InternalUpdate Server
    7. Refreshing the Update Server
    8. Configuring the Computer Update Type andSchedule
    9. Creating a Test Group
    10. Approving and Declining Updates
    11. Automatically Approving Critical Updates
    12. Removing Updates
    13. Forcing an Update Scan
    14. Manually Applying Updates
    15. Disabling Windows Update
    16. Checking Status of Update Application
    17. Verifying Update Application with MBSA
  1. Colophon

Produkty Podobne
Windows Server 2019 dla profesjonalistów. Wydanie II
Windows Server 2019 Inside Out PL
Tajniki Windows Server 2016
Exam Ref 70-745 Implementing a Software-Definidyn DataCenter
Windows Server 2016 Inside Out PL
Windows Server 2016 Unleashed (includes Content Update Program)
MCSA Windows Server 2016 Cert Guide Library (Exams 70-740, 70-741, and 70-742)
Zestaw Szkoleniowy (Egzaminy 70-740, 70-741, 70-742, 70-744): Windows Server 2016
MCSA 70-742 Cert Guide: Identity with Windows Server
MCSA 70-741 Cert Guide: Networking with Windows Server 2016
Więcej produktów