Deploy and administer bullet-proof Windows 2000 security policies. This book explains how to safeguard intranet, Internet, and e-commerce transactions with IPSec, defend against hacking, spoofing, sniffing, and DDS attacks, and secure your network with firewalls, proxy servers, and VPNs.
Book Description
Editorial Reviews
From the Back Cover
Your practical guide to securing your Windows 2000 network
Implement rock-solid security on your Windows 2000 enterprise network with the expert information in this comprehensive resource. Windows 2000 Security Handbook shows you, step-by-step, how to locate and plug security holes and backdoors, authenticate users, and defend against the latest methods of attack. You'll get in-depth coverage of the all-new security features in Windows 2000 - from Active Directory, Kerveros 5, and smartcards, to IPSec and PKI. Throughout the book, you'll get advice on how to incorporate sound security practices into your daily administrative tasks. The companion web site at www.osborne.com includes bonus content on Microsoft Certificate Services, a listing of Windows 2000 Services and their dependencies, and common protocols and ports used by Windows 2000 Services. Plus, you'll get eight pages of blueprints illustrating the four major factors in building a scalable, robust, and secure Windows 2000 network with proper Active Directory and DNS structure, as well as proper Organizational Unit and Group Policy usage.
- Understand the threats to your Windows 2000 enterprise network and the appropriate countermeasures
- Understand Windows 2000-based security mechanisms, and use them to proactively defeat attackers
- Customize administrative control over your Active Directory with Group Policy, Organizational Units, and delegation
- Plan and implement countermeasures, such as system patches, defensive configuration, encryption, and intrusion detection methods
- Provide application-transparent encryption services for IP Traffic with IPSec
- Establish secure Active Directory domain components, including group and user permissions, OUs, and trust relationships
- Enable strong authentication with Kerberos 5 and PKI
- Utilize access control lists and the Encrypting File System to protect access to critical files and objects
- Build secure firewalls and implement strong authentication policies on VPNs
- Handle fault tolerance with disk mirroring, disk striping, replication, and RAID arrays
About the Author
Tom Sheldon (Big Sur, CA) has worked as a computer programmer, consultant, and network administrator since the late 1970's. He is the author of several highly acclaimed Osborne books including Encyclopedia of Networking, Electronic Edition, Windows NT Security Handbook, Microsoft Internet Information Server: The Complete Reference, and Windows 98 Made Easy. In the past few ears, Tom has become a recognized networking expert. Phil Cox (Tracy, CA) is a MCSE forcused on Microsoft NT and UNIX security issues. He is a featured columnist in the USENIX Association Magazine and serves on the editorial board of the SAN NT-digest.
Product Details
Would you like to update product info or give feedback on images?
|
More About the Author
Discover books, learn about writers, read author blogs, and more.
Customer Reviews
|
Share your thoughts with other customers:
|
||||||||||||||||||||||
|
Most Helpful Customer Reviews
9 of 9 people found the following review helpful:
4.0 out of 5 stars
An unapologetic and complete look at Windows 2000 security,
By
This review is from: Windows 2000 Security Handbook (Paperback)
I am a senior engineer for network security operations. I read the Windows 2000 Security Handbook (W2KSH) to learn how to advise clients on improving the survivability of their Windows 2000 platforms. Like its predecessor, Tom Sheldon's excellent "Windows NT Security Handbook," W2KSH delivers practical content in a digestable format. I recommend Windows 2000 system administrators read and heed this book. Good operating system security books are thorough, educational, and honest; W2KSH is all three. The authors are not mindless Microsoft prophets -- consider this sample from page 501: "It seems that Microsoft just does not get it when it comes to the need for robust auditing/logging of services... the logging configurations are totally inadequate." To deal with these and other deficiencies, W2KSH provides installation, configuration, and deployment recommendations. This advice, on topics like Active Directory, user and group management, and file systems, equips system administrators to survive hostile network environments. As an intrusion detector, I was most happy to read how the Microsoft security model operates, and what components present the greatest vulnerabilities. I appreciated explanations of system and discretionary access control lists, and how to effectively employ them. I learned Microsoft includes Web, FTP, SMTP, and NNTP features in Internet Information Service (IIS). I also became aware of best practices for secure deployment of a Microsoft infrastructure. W2KSH has a few problems. Like Microsoft products, its "backwards compatibility" revealed weaknesses. For example, some text was lifted directly from Shelton's earlier book, but necessary background material was omitted (see pages 86, 88-90, 148). This issue was awkward but minor. I also did not leave the book with a strong understanding of the different types of groups in Windows 2000. Such complexity is not the authors' fault. They show that the OS' dozens of options leaves plenty of room for misconfiguration, leading to compromise. If you're familiar with general security practices, skip Part I (TCP/IP, threats, countermeasures, and policies). I recommend the authors mention these topics briefly in the introduction and move the bulk to appendices. Start with Part II, and keep your highlighter handy. W2KSH gives balanced insight into the workings of Windows 2000, and helps system administrators and security personnel better understand the opportunities and liabilities of running this operating system.
4 of 4 people found the following review helpful:
5.0 out of 5 stars
Major Kudos for an Outstanding Resource,
By Martin Jeffrey (Hawaii) - See all my reviews
This review is from: Windows 2000 Security Handbook (Paperback)
I've read many books on Windows NT and Windows 2000 security. Most did not live up to my expectations. They were difficult to read and you needed a Computer Science/Engineering degree to understand them. In my opinion, this book is THE best book on Windows 2000 Security. Mr Cox and Mr Sheldon wrote a very easy to read, easy to understand, and most importantly, an easy to follow recipe for securing your Win2K systems. This book should be in every adminstrator's library. If you don't have this book, you deserve to be hacked! I teach system security, and this book is a valuable tool and resource, not just for me, but for my students. This is money well spent!...
3 of 3 people found the following review helpful:
5.0 out of 5 stars
Review of book "Windows 2000 Security Handbook",
By Tom Christian (Beaverton, OR) - See all my reviews
This review is from: Windows 2000 Security Handbook (Paperback)
The "Windows 2000 Security Handbook" is an excellent book! Not only is it a good book to learn the nitty-gritty details of Win2K OS and network security, but the first section of the book is a great overview of security in general (Win2k and non-Win2K). For someone who is just getting involved with Win2K security, the book is a must. It has both a good theoretical and practical focus; not only do you get the explanations of of the various Win2K security elements, but you get a step by step guide on how to configure each one. The book is also an excellent reference for those already experienced in Win2K. Very comprehensive and well organized.
Share your thoughts with other customers: Create your own review
|
|
Inside This Book
(learn more)
First Sentence:
In the past few decades, information systems have gone from large, centralized computers running over proprietary networks and protocols to decentralized desktop systems and departmental networks running over open and standard protocols. Read the first page Key Phrases - Statistically Improbable Phrases (SIPs): (learn more)
stateful inspection techniques, protected system files, new domain tree, adm files, configuration portion, remote access policies, winsock proxy, new child domain, reusable passwords, screening routers, restored data, emergency repair process, encrypting file system, additional domain controller, scanner product, challenge string, offline files, remote access policy, change the system time, remote access network, security stance, replica set, untrusted networks, overwrite events, logon restrictions Key Phrases - Capitalized Phrases (CAPs): (learn more)
Cancel Figure, Default Domain Policy, Event Viewer, Internet Explorer, Windows Settings, Domain Admins, Action View, Cancel Help Figure, Server Operators, Administrative Tools, Host Integration Server, Internet Information Server, Trojan Horse, Administrative Templates, Internet Protocol, Microsoft Proxy Server, Software Settings, Back Next, Safe Mode, Microsoft Management Console, Security Failure Audit, Cancel Apply Figure, Public Key Policies, Recovery Console, Print Operators New!
Books on Related Topics | Concordance | Text Stats Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Index | Back Cover | Surprise Me!
In the past few decades, information systems have gone from large, centralized computers running over proprietary networks and protocols to decentralized desktop systems and departmental networks running over open and standard protocols. Read the first page Key Phrases - Statistically Improbable Phrases (SIPs): (learn more)
stateful inspection techniques, protected system files, new domain tree, adm files, configuration portion, remote access policies, winsock proxy, new child domain, reusable passwords, screening routers, restored data, emergency repair process, encrypting file system, additional domain controller, scanner product, challenge string, offline files, remote access policy, change the system time, remote access network, security stance, replica set, untrusted networks, overwrite events, logon restrictions Key Phrases - Capitalized Phrases (CAPs): (learn more)
Cancel Figure, Default Domain Policy, Event Viewer, Internet Explorer, Windows Settings, Domain Admins, Action View, Cancel Help Figure, Server Operators, Administrative Tools, Host Integration Server, Internet Information Server, Trojan Horse, Administrative Templates, Internet Protocol, Microsoft Proxy Server, Software Settings, Back Next, Safe Mode, Microsoft Management Console, Security Failure Audit, Cancel Apply Figure, Public Key Policies, Recovery Console, Print Operators New!
Books on Related Topics | Concordance | Text Stats Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Index | Back Cover | Surprise Me!
Citations (learn more)
This book cites 5
books:
4
books
cite this book:
- Windows 2000 Active Directory by Joe Casad on page 233, and page 235
- Windows 2000 DNS Server by William Wong on page 140
- Firewalls and Internet Security: Repelling The Wily Hacker (Addison-Wesley Professional Computing) by William R. Cheswick on page 414
- Building Internet Firewalls (2nd Edition) by Elizabeth D. Zwicky on page 414
- 1001 Windows Professional Tips (1001 Tips) by David Mackey in Front Matter
- Network Security: A Beginner's Guide, Second Edition (Beginner's Guide) by Eric Maiwald in Front Matter
- Networking: A Beginner's Guide (Network Professional's Library) by Bruce A. Hallberg on page 148
- Microsoft Office FrontPage 2003: The Complete Reference (Osborne Complete Reference Series) by Martin Matthews on page 629
- CIW Security Professional Certification Bible by Mandy Andress in Front Matter
Books on Related Topics
(learn more)
|
Tag this product(What's this?)Think of a tag as a keyword or label you consider is strongly related to this product.
Tags will help all customers organize and find favorite items. |
Sell a Digital Version of This Book in the Kindle Store
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
Learn more
Customer Discussions
|
This product's forum
Active discussions in related forums
Search Customer Discussions
|
Related forums
|
Listmania!
So You'd Like to...
Look for Similar Items by Category
- Books > Computers & Technology > Certification > CompTIA
- Books > Computers & Technology > Microsoft > Networking
- Books > Computers & Technology > Networking > Network Security
- Books > Computers & Technology > Operating Systems > Windows OS
- Books > Computers & Technology > Security & Encryption
- Books > Computers & Technology > Software
- Books > Science & Math > Mathematics
