- Create your FREE Amazon Business account to save up to 10% with Business-only prices and free shipping.
Windows 2000 (Hacking Exposed) 1st Edition
Use the Amazon App to scan ISBNs and compare prices.
Special offers and product promotions
Joel Scambray and Stuart McClure have chosen to organize their book according to the steps involved in system compromise (identifying a target, gaining access and privileges, using or destroying the system, and so on) as well as by area of vulnerability. In addition to well-written passages that explain general hacking strategies and concepts, the authors devote sections to software (meaning native Windows commands, tools that are part of the Windows NT/2000 Resource Kit, as well as external software). Sometimes, they'll just offer a description, but most of the time, the authors present a step-by-step guide to carrying out the exploit at hand. This is a valuable book that every Windows 2000 expert should read closely. --David Wall
Topics covered: How to break into a Windows 2000 system and, by extension, how to go about defending against attacks. Sections deal with tools for locating victim systems, gaining access to them, and either damaging them, overloading them, or using them as bases for further attacks. The authors also highlight the weaknesses in Windows 2000 services, including Internet Information Services (IIS) and Microsoft SQL Server.
From the Publisher
- Publisher : Computing Mcgraw-Hill; 1st edition (August 29, 2001)
- Language : English
- Paperback : 500 pages
- ISBN-10 : 0072192623
- ISBN-13 : 978-0072192629
- Item Weight : 2.29 pounds
- Dimensions : 1.25 x 7.25 x 9 inches
- Best Sellers Rank: #8,266,700 in Books (See Top 100 in Books)
- Customer Reviews:
About the authors
Top reviews from the United States
There was a problem filtering reviews right now. Please try again later.
Hacking Exposed Win2k breaks the mold for Windows Security books. Every few pages you'll find an Aha! experience. I'm happy with a book that provides one or two of these. This book has hundreds of them! You can use the information IMMEDIATELY. You don't have to translate "propeller head" language into action. They give you the actions in plain English.
What's truly remarkable is that these guys *are* propeller heads, but can write so a normal person not only understands, but enjoys, what they have to say! A very rare talent.
EVERYONE who runs a Win2k network needs this book. Get it and you'll not be disappointed. I'd give it 10 stars if I could.
Hacking Windows 2000 Exposed is very well organized. It takes you through the steps of how someone actually compomises a system and what you can do about it. It puts you in the mindset of a hacker and their methodology - finding a network, extracting information about it, attempting the connect/attack, gaining access, trying to get system or administrator access, reaking havok, and covering their tracks - maybe even leaving a backdoor for remote control! This approach to writing the book will leave you well prepared to defend yourself, audit activity, and show you how to test your own network for vulnerability. You will learn about netbios, network utilities, authentication
protocols, ports, services, anonymous access, permissions, sniffers - how they can be used against you, what to do about it and a whole lot more. The first part of the book focuses on the Windows 2000 operating system. Later chapters focus on applications such as Internet Information Server, SQL, and Internet Explorer(including some great tips everyone can use) and tells you how to manage them for maximum security. The end of the book covers specific security features of Windows 2000 such as Ipsec, Efs, group policy, seurity templates, and how to use them. Appendix A is a concise summary on how to lock down your Windows 2000 computer - a recap of concepts covered throughout the book. Each chapter also has a very helpful summary at the end that reinforces what was covered(specifically the actions to take) in case you are overwhelmed by technical detail in the reading. I like to periodically go back and leaf through the chapter summaries as kind of a refresher course of the meat of what is covered in the book. There is a list of references of other books and internet sites for further reading if more info is desired of material covered in each chapter. I highly recommend Hacking Windows 2000 Exposed to anyone intested in protecting their network and computers from unauthorized access - even those who have just a few computers at home and a cable/dsl connection should take heed. The writing style assumes you have some basic understanding of networking but is definitely not just for techies and keeps your interest. For many this could be their only book about network security and others their first book or a must have addition.
Out of the box, Win2K will do a better job of protecting the OS than NT -- for example, the default domain group policy settings will prevent user enumeration, even though they permit null sessions (stand-alone systems, by contrast, are just as vulnerable to enumeration as NT 4.0). However, by default, the system is just as vulnerable to to attacks against legacy LM based password hashes as was NT -- this book explains how to avoid this while still maintaining compatibility with legacy consumer Windows products. And the named pipe impersonation privilege escalation exploit was one that I had not heard about. SP2 fixes it, but it's definitely something that you need to be aware of.
This book is a treasure trove of security-critical information for Win2K administrators. You will learn how to apply group policy to effectively lock down your Win2K systems against many of the attacks commonly used against Win2K. You'll get links to all kinds of freeware ranging from hacking tools to intrusion detection software so that you can assess the security of your own Win2K network. You'll learn about the vulnerabilities of IIS, SQL Server, and Terminal Server as well as how you can deploy these services securely.
This is real-world stuff. You just can't learn it by studying for 70-220. Hacking Win2K Exposed is probably the one book that I'd try to grab off the shelf if my library were on fire.