Hardening Windows Systems [Paperback]

Roberta Bragg (Author)

Book Description

ISBN-10: 0072253541 | ISBN-13: 978-0072253542 | Publication Date: May 11, 2004 | Edition: 1

“The definitive tool to learn what’s proper for Microsoft Windows systems. Roberta’s excellent guidance will easily help you build secure, resiliant systems.” --Steve Riley, Security Business and Technology Unit, Windows Division, Microsoft Corporation

Take a proactive approach to network security by hardening your Windows systems against attacks before they occur. Written by security evangelist Roberta Bragg, this hands-on resource provides concrete steps you can take immediately as well as ongoing actions to ensure long-term security. Whether you have one Windows server or one hundred, you’ll get complete details on how to systematically harden your network from the ground up, as well as strategies for getting company-wide support for your security plan. With coverage of Windows 95/98/NT 4.0/2000/XP and Windows Server 2003, this book is an essential security tool for on-the-job IT professionals.

Features a four-part hardening methodology:

• Do This Now!--Checklist of immediate steps to take to lockdown your system from further attack
• Take It From The Top--Systematic approach to hardening your enterprise from the top down, focusing on authentication, access controls, borders, logical security boundaries, communications, storage, and administrative authority
• Once Is Never Enough!--Ongoing monitoring and assessment plan to keep your network secure, including patch management and auditing
• How to Succeed At Hardening Your Windows Systems--Strategies for getting budget approval, management buy-in, and employee cooperation for your security program

Roberta Bragg, CISSP, MCSE: Security, Security+, co-author of Network Security: The Complete Reference, instructor, and consultant, focuses on how to proactively deploy proven security principles to defend Windows systems from possible attack. Roberta is the Security Advisor columnist for MCP magazine, the Security Expert for searchWin2000.com, and writes for the Security Watch newsletter. Roberta is the series editor of McGraw-Hill/Osborne’s Hardening security series.

Editorial Reviews

From the Back Cover

“The definitive tool to learn what’s proper for Microsoft Windows systems. Roberta’s excellent guidance will easily help you build secure, resiliant systems.” --Steve Riley, Security Business and Technology Unit, Windows Division, Microsoft Corporation

Take a proactive approach to network security by hardening your Windows systems against attacks before they occur. Written by security evangelist Roberta Bragg, this hands-on resource provides concrete steps you can take immediately as well as ongoing actions to ensure long-term security. Whether you have one Windows server or one hundred, you’ll get complete details on how to systematically harden your network from the ground up, as well as strategies for getting company-wide support for your security plan. With coverage of Windows 95/98/NT 4.0/2000/XP and Windows Server 2003, this book is an essential security tool for on-the-job IT professionals.

Features a four-part hardening methodology:

• Do This Now!--Checklist of immediate steps to take to lockdown your system from further attack
• Take It From The Top--Systematic approach to hardening your enterprise from the top down, focusing on authentication, access controls, borders, logical security boundaries, communications, storage, and administrative authority
• Once Is Never Enough!--Ongoing monitoring and assessment plan to keep your network secure, including patch management and auditing
• How to Succeed At Hardening Your Windows Systems--Strategies for getting budget approval, management buy-in, and employee cooperation for your security program

Roberta Bragg, CISSP, MCSE: Security, Security+, co-author of Network Security: The Complete Reference, instructor, and consultant, focuses on how to proactively deploy proven security principles to defend Windows systems from possible attack. Roberta is the Security Advisor columnist for MCP magazine, the Security Expert for searchWin2000.com, and writes for the Security Watch newsletter. Roberta is the series editor of McGraw-Hill/Osborne’s Hardening security series.

About the Author

Robert Bragg (Grain Valley, MO), CISSP, MCSE: Security; Security+, ETI-Client Server, Certified Technical Trainer, IBM Certified Trainer, DB2-UDB, Citrix Certified Administrator, has been a Security Advisor columnist for MCP magazine for five years, is a Security Expert for searchWin2000.com, and writes for the Securitywatch newsletter, which has over 55,000 subscribers. She designed, planned, produced, and participated in the first Windows Security Summit, held in Seattle in 2002. She has served as adjunct faculty at Seattle Pacific University and the Johnson County Community College teaching courses on Windows 2000 Security Design and Network Security Design.

Product Details

• Paperback: 544 pages
• Publisher: McGraw-Hill Osborne Media; 1 edition (May 11, 2004)
• Language: English
• ISBN-10: 0072253541
• ISBN-13: 978-0072253542
• Product Dimensions: 9.3 x 7.4 x 1.2 inches
• Shipping Weight: 2 pounds (View shipping rates and policies)
• Average Customer Review: 4.2 out of 5 stars  See all reviews (9 customer reviews)
• Amazon Best Sellers Rank: #607,741 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

6 of 6 people found the following review helpful:

5.0 out of 5 stars Invaluable Information For Windows Administrators, January 29, 2005

By 

Tony Bradley "s3kur3" (Houston, TX) - See all my reviews
(VINE VOICE)   

This review is from: Hardening Windows Systems (Paperback)

A trip to the local book store will quickly show you that there is no shortage of books on the subject of network security. In fact, Roberta Bragg, the author of Hardening Windows Systems, has written some of the other contributions to this genre as well. So, why another one?

Osborne / McGraw-Hill publishing, publishers of the Hacking Exposed series, introduced the Hardening Series of books, to add a fresh perspective and approach to network security books. Rather than simply regurgitating the same theoretical material and security best practice details, these books provide more nitty-gritty, action-oriented information.

In the first chapter, Bragg provides a list of ten things you should do immediately to secure your Windows systems. This helps get you very quickly from cracking the cover to getting actionable information you can implement now.

Working in I.T. though, I think that the last section is possibly more valuable than the information about securing the system. Getting budget approval, management support and user cooperation are all essential to securing the network and this information is invaluable.

I like the structure and approach of this book and recommend it for anyone supporting a Windows-based network.

(...)

8 of 9 people found the following review helpful:

5.0 out of 5 stars What I expected from a hardening book -- actionable details, July 24, 2004

By 

Richard Bejtlich "TaoSecurity" (Metro Washington, DC) - See all my reviews
(REAL NAME)   

This review is from: Hardening Windows Systems (Paperback)

Roberta Bragg's _Hardening Windows Systems_ (HWS) is exactly the sort of book I expected from McGraw-Hill/Osborne's new 'Hardening' series. The publisher gained fame through its assessment-oriented 'Hacking Exposed' series, and now it advocates preventing intrusions via configuration instead of assessment. (Those familiar with my Network Security Monitoring theories will remember I believe 'prevention eventually fails,' but I still recommend doing everything possible to make the intruder's task difficult!) HWS is a Windows security tour-de-force, and I intend to recommend it often.

I am blessed by not having to support Windows workstations or servers (other than my family's systems) because I run various UNIX variants at home and at work. If you're stuck defending Windows, HWS will show you how -- immediately. The book has literally one page of theory in ch 1 before advocating numerous 'do it now!' steps. This direct approach keeps the book at a manageable 500 pages or so, yet doesn't skip the details.

Furthermore, the term 'Windows' doesn't just mean Windows 2000, the current 'corporate standard' (despite Microsoft's best efforts to encourage upgrades). HWS actually spends time on servers like Windows NT 4, 2000, and 2003, and clients like NT 4, 2000, and XP. Even Windows 95 and 98 receive a few mentions. I was impressed by real advice for operating three sorts of 'domains' in ch 4 -- workgroups, NT 4 domains, or Active Directory forests. Too often Microsoft concentrates on the latest and greatest, but HWS recognizes corporate realities.

HWS includes some of the most information-packed tables I've ever seen. Table 5-3, explaining Windows services that can be disabled to improve security, is awesome. Table 9-3, recommending IE security settings, is similarly helpful. Author Bragg packs so much detail into these tables that reading them alone will help your security efforts. Screen shots are also shown to supplement the step-by-step instructions needed to configure Windows.

My only real criticism is the complete focus on Windows-bundled features. There is no mention of helpful third party applications, like OpenSSH, Cygwin, or Perl. A great older book on Windows security called _Securing Windows NT/2000 Servers for the Internet_ explained these and other options. Integration with non-Windows systems and services, like sending Windows Event Logs to syslog servers, would recognize the heterogeneous nature of modern enterprises. I would also like to see information on profiling Windows systems, displaying the ports and services expected to be active. This would help sys admins understand normal Windows behavior and possibly identify intruder activity.

I plan to add HWS to my recommended reading Listmania List, and I hope you consider this book if securing Windows systems is on your to-do list.

6 of 7 people found the following review helpful:

4.0 out of 5 stars A good overview of Windows Security, February 12, 2005

By 

Tom (CA) - See all my reviews

Amazon Verified Purchase

This review is from: Hardening Windows Systems (Paperback)

I was very pleased with this book. One of the problems I've had with most books on network security is that they go on and on about theory and then leave it to you to turn their high level discussion into actual practice.

That's not the case with this book, this is a book where you can literally sit down with it open, and configure a system step by step using what is provided. The author's style is very matter of fact in that there is very little of the "chatty tone" that (in my opinion) takes up so much valuable space in other books. This book is straightforward: This is the problem - This is how you fix it.

There's also a healthy dose of screen shots which never hurts.

I didn't give it 5 stars for two, fairly benign reasons. (1) It covers all versions of Windows including Windows 98, Windows NT 4, Windows 2000, Windows 2003, and Windows XP. So, any given reader is bound to find a good chunk of the book doesn't apply to them. (2) A little more of the theoretical side might have been good. It's great that this book is so task oriented but I think that someone who hadn't read other security books in the past might not grasp why the book suggests certain things.

Nonetheless, I'd recommend this book to anyone interested in Windows Security.