Customer Reviews


5 Reviews
5 star:
 (5)
4 star:    (0)
3 star:    (0)
2 star:    (0)
1 star:    (0)
 
 
 
 
 
Average Customer Review
Share your thoughts with other customers
Create your own review
 
 
Only search this product's reviews
Most Helpful First | Newest First

61 of 63 people found the following review helpful:
5.0 out of 5 stars I'm the technical editor for this book..., August 22, 2000
By 
This review is from: Microsoft Windows 2000 Security Handbook (Paperback)

It's always hard to select a book online- sometimes the description of the book does not really tell you what you want to know. So I'll take this space to tell you a little about the book.

What It Is:
If you're interested in a book that is part technical reference, part programmer's guide, and all Windows 2000, then this book is for you. It goes deep enough into each topic to give you a thorough understanding of the feature or concept being described, but does not bog down and put you to sleep like a technical reference. It is not just "fluff" material, however- the material is what I would generally describe as 300 level in terms of technical depth.

What It's Not:
If you're looking for a step-by-step guide to hardening a Windows 2000 machine, then you should look elsewhere. This is not a rehash of information you'll find on the Microsoft security site. It is also not just a programmer's guide. There are entire books dedicated just to security programming on Windows NT. However, if you're already familiar with NT security programming, and just want an quick orientation to using the new features of Windows 2000, then this book may be for you.

This book discusses Windows 2000 security from an architectural standpoint, then discusses how to write code to use some of the new features such as CAPI 2.0, and closes with discussions of intrusion detection, penetration testing and security best practices.

I personally found the chapter "Writing Secure Code" to be particularly interesting. As a demonstration of insecure coding practices, it actually walks you through constructing a buffer overflow attack against a vulnerable Windows application that you also write.

Here's the table of contents:

I. Windows 2000 System Basics
1. Windows 2000 Architecture
2. Processes and Threads
3. Security Model
4. NTFS 5.0
5. Services
6. Drivers

II. Computer Network Security Foundations
7. Windows Networking Protocols
8. Cryptography
9. IPSec
10. PKI
11. Kerberos
12. X.500 and LDAP

III. Network Security in Windows 2000
13. Networking Model
14. Active Directory
15. Authentication
16. SSPI
17. CryptoAPI
18. Certificate Services
19. COM, DCOM, and RPC
20. VPNs
21. EFS
22. DNS, DDNS, & WINS

IV. Protecting Youself and Your Network Services
23. Secure Computing Practices
24. Building and Administering a Secure Server
25. Security with High-Speed Full-Time Connections
26. Detecting and Reacting to Intrusions
27. Recent Issues Explored
28. Penetration Testing
29. Writing Secure Code

Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


8 of 8 people found the following review helpful:
5.0 out of 5 stars Excellent, in-depth discussion, August 28, 2000
This review is from: Microsoft Windows 2000 Security Handbook (Paperback)
While most security books are simple walk-through guides, Mr. Schmidt's text contains all of the details that the others leave out. While parts were well over my head, I appreciated the focus on technical completeness and understanding of security concepts. This book was an excellent addition to my bookshelf and I highly recommend it.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars I met Jeff Schmidt, May 17, 2002
By A Customer
This review is from: Microsoft Windows 2000 Security Handbook (Paperback)
I met the writer for a job interview, he is a great guy... but who cares? this is a boook review right? I work for a computer emergency response team and we use this book as a "security crash course" and as a hard reference. If you want to know about windows 2000 security this is seriously the book to have. It is very technical and not for script kiddies. If you are just looking for something to use as a basic refresher then skip this, get a microsoft book or something tame. This is grassroots hardcore good.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars One of the best books I paid for, January 24, 2002
By 
Ronaldo Aquino (Sydney, Australia) - See all my reviews
This review is from: Microsoft Windows 2000 Security Handbook (Paperback)
This book easily complements my Win2K manuals. Most notable chapters are 28-29, i.e. Penetration Testing: Hack Your Own System and Writing Secure Code. Highly recommended for anyone trying to secure their Win2K environment. Pity it's not available in PDF.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars I'm the technical editor for this book..., August 23, 2000
By 
This review is from: Microsoft Windows 2000 Security Handbook (Paperback)

It's always hard to select a book online- sometimes the description of the book does not really tell you what you want to know. So I'll take this space to tell you a little about the book.

What It Is:
If you're interested in a book that is part technical reference, part programmer's guide, and all Windows 2000, then this book is for you. It goes deep enough into each topic to give you a thorough understanding of the feature or concept being described, but does not bog down and put you to sleep like a technical reference. It is not just "fluff" material, however- the material is what I would generally describe as 300 level in terms of technical depth.

What It's Not:
If you're looking for a step-by-step guide to hardening a Windows 2000 machine, then you should look elsewhere. This is not a rehash of information you'll find on the Microsoft security site. It is also not <i>just</i> a programmer's guide. There are entire books dedicated just to security programming on Windows NT. However, if you're already familiar with NT security programming, and just want an quick orientation to using the new features of Windows 2000, then this book may be for you.

This book discusses Windows 2000 security from an architectural standpoint, then discusses how to write code to use some of the new features such as CAPI 2.0, and closes with discussions of intrusion detection, penetration testing and security best practices.

I personally found the chapter "Writing Secure Code" to be particularly interesting. As a demonstration of insecure coding practices, it actually walks you through constructing a buffer overflow attack against a vulnerable Windows application that you also write.

Here's the table of contents:

I. Windows 2000 System Basics
1. Windows 2000 Architecture
2. Processes and Threads
3. Security Model
4. NTFS 5.0
5. Services
6. Drivers

II. Computer Network Security Foundations
7. Windows Networking Protocols
8. Cryptography
9. IPSec
10. PKI
11. Kerberos
12. X.500 and LDAP

III. Network Security in Windows 2000
13. Networking Model
14. Active Directory
15. Authentication
16. SSPI
17. CryptoAPI
18. Certificate Services
19. COM, DCOM, and RPC
20. VPNs
21. EFS
22. DNS, DDNS, & WINS

IV. Protecting Youself and Your Network Services
23. Secure Computing Practices
24. Building and Administering a Secure Server
25. Security with High-Speed Full-Time Connections
26. Detecting and Reacting to Intrusions
27. Recent Issues Explored
28. Penetration Testing
29. Writing Secure Code

Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


Most Helpful First | Newest First

This product

Microsoft Windows 2000 Security Handbook
Microsoft Windows 2000 Security Handbook by MCSE. Jeff Schmidt (Paperback - August 7, 2000)
Used & New from: $0.02
Add to wishlist See buying options