Enter your mobile number below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
Getting the download link through email is temporarily not available. Please check back later.

  • Apple
  • Android
  • Windows Phone
  • Android

To get the free app, enter your mobile phone number.

Windows Server 2003 (Hacking Exposed) 1st Edition

4.4 out of 5 stars 8 customer reviews
ISBN-13: 078-3254042704
ISBN-10: 0072230614
Why is ISBN important?
This bar-code number lets you verify that you're getting exactly the right version or edition of a book. The 13-digit and 10-digit formats both work.
Scan an ISBN with your phone
Use the Amazon App to scan ISBNs and compare prices.
Have one to sell? Sell on Amazon
Buy used
Condition: Used - Good
In Stock. Sold by Sierra Nevada Books
Condition: Used: Good
Comment: Book has some visible wear on the binding, cover, pages. Biggest little used bookstore in the world.
Access codes and supplements are not guaranteed with used items.
26 Used from $0.01
+ $3.99 shipping
More Buying Choices
13 New from $1.62 26 Used from $0.01

Windows 10 For Dummies Video Training
Get up to speed with Windows 10 with this video training course from For Dummies. Learn more.
click to open popover

Editorial Reviews

From the Back Cover

"The end-all of hacking.... A must-read if you want to secure your networks." --W2Knews

Plug the holes in your Windows infrastructure by seeing it through the eyes of the attacker

Protect your Windows Server 2003 systems from the latest widespread and devastating attacks the tried-and-true Hacking Exposed way. You'll learn, step-by-step, how intruders locate targets, gain super-user access, and ransack compromised networks. Fully updated chapters detail all-new Windows Server 2003 footprinting and scanning methods, IIS6 security flaws, buffer overflow exploits, Terminal Services hacks, and DoS/DDoS vulnerabilities. Real-world cases and code examples demonstrate the most current dangers and spell out countermeasures to stonewall malicious intruders every time.

New and Updated Material:

  • All-new Windows footprinting and scanning tools and techniques
  • NetBIOS, MSRPC, SMB, DNS, SNMP, and Active Directory enumeration protection
  • Updated exploits of Windows-specific services, including the MSRPC interface vulnerability that led to the Blaster worm, SQL Slammer, and eavesdropping attacks on Kerberos
  • Details on the new IIS6 security architecture, URLScan, Microsoft Web services source code disclosure exploits, and HTR chunked encoding exploits
  • All-new Terminal Services information including new password guessing, privilege escalation, and eavesdropping countermeasures
  • New client-side exploits using popular multimedia file formats, and strong new countermeasures using Internet Explorer Enhanced Security Configuration
  • The latest countermeasures for Denial of Service (DoS) attacks including bogon filtering and sink holes
  • New security features such as Internet Connection Firewall, software restriction policies, and updates to IPSec

About the Authors:

Joel Scambray is Senior Director of Security for Microsoft's MSN and Stuart McClure is President/CTO of Foundstone, Inc., an enterprise security products company. They are co-authors of four editions of Hacking Exposed as well as Hacking Exposed Windows 2000.

About the Author

Joel Scambray is Chief Strategy Officer for Leviathan Security Group, an information security consultancy located in Seattle and Denver. As a member of Leviathan’s board and executive management team, Joel guides the evolution and execution of Leviathan’s business and technical strategy. Prior to Leviathan, Joel was a Senior Director at Microsoft Corporation, where he led Microsoft's online services security efforts for three years before joining the Windows platform and services division to focus on security technology architecture. Before joining Microsoft, Joel co-founded security software and services startup Foundstone Inc. and helped lead it to acquisition by McAfee for $86M. He previously held positions as a Manager for Ernst & Young, security columnist for Microsoft TechNet, Editor at Large for InfoWorld Magazine, and Director of IT for a major commercial real estate firm. Joel is widely recognized as co-author of the original Hacking Exposed: Network Security Secrets & Solutions, the international best-selling computer security book that reached its Fifth Edition in April 2005. He is also lead author of the Hacking Exposed: Windows and Hacking Exposed: Web Applications series. Joel's writing draws primarily on his experiences in security technology development, IT operations security, and consulting. He has worked with organizations ranging in size from world’s largest enterprises to small startups. He has spoken widely on information security at forums including Black Hat, I-4, and The Asia Europe Meeting (ASEM), as well as organizations including CERT, The Computer Security Institute (CSI), ISSA, ISACA, SANS, private corporations, and government agencies such as the Korean Information Security Agency (KISA), FBI, and the RCMP. Joel holds a BS from the University of California at Davis, a MA from UCLA, and he is a Certified Information Systems Security Professional (CISSP).

Stuart McClure is the co-author of all four editions of Hacking Exposed as well as Hacking Exposed Windows 2000. Stuart co-authored "Security Watch," a weekly column in InfoWorld addressing topical security issues, exploits, and vulnerabilities. He is the President/CTO of Foundstone, Inc. Prior to co-founding Foundstone, Stuart was a Senior Manager with Ernst & Young's Security Profiling Services Group, responsible for project management, attack and penetration reviews, and technology evaluations. Stuart trains Foundstone's Ultimate Hacking course, and Hacking Exposed Live for conferences such as Networld + InterOp, Black Hat, RSA, CSI, among others.

New York Times best sellers
Browse the New York Times best sellers in popular categories like Fiction, Nonfiction, Picture Books and more. See more

Product Details

  • Series: Hacking Exposed
  • Paperback: 628 pages
  • Publisher: McGraw-Hill Osborne Media; 1 edition (October 27, 2006)
  • Language: English
  • ISBN-10: 0072230614
  • ISBN-13: 978-0072230611
  • Product Dimensions: 7.2 x 1.2 x 9.1 inches
  • Shipping Weight: 2 pounds
  • Average Customer Review: 4.4 out of 5 stars  See all reviews (8 customer reviews)
  • Amazon Best Sellers Rank: #937,362 in Books (See Top 100 in Books)

Customer Reviews

Top Customer Reviews

By D. Morris on December 27, 2003
Format: Paperback
I like this book because it illuminates many of the approaches a hacker would take when trying to invade the system. But it is already out of date for anyone who has Windows 2003 and the latest version of IIS and SQL Server.
Most of the entire section on IIS describes vulnerabilities in IIS 5.0 and does not apply to Win2003. Some of the recommended tools from Microsoft will not even download onto a Win2003 machine running IIS 6!
The SQL Server chapter describes vulnerabilities that are already fixed in SP3. It does however describe application defects that can be exploited, and tells how to guard against them.
So, this is a good reference on general vulnerability mitigation, but much of the information is already out of date as of Christmas 2003.
Comment 19 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
Format: Paperback
"Hacking Exposed: Windows 2000" (HE:W2K) was published in August 2001, eight months after the W2K OS was released to manufacturing (RM) in December 1999. "Hacking Exposed: Windows 2003" (HE:W03) was published in October 2003, seven months after the Windows 2003 OS was RTM. Does the shorter gap between OS availability and book publication hurt the successor to the original hit Windows security book? It's possible, but I don't see many contenders for the title of best Windows assessment guide. Because this book delivers the technical goods in a proven format, I give HE:W03 four stars.
I gave the original HE:W2K five stars for finally breaking out Windows-specific security material into its own "Hacking Exposed" title. HE:W03 is mainly an update of its predecessor, a fact I confirmed with a chapter-by-chapter evaluation. HE:W03 has a new foreword and better organization. Ch 1 sports five more pages, and ch 2 offers a new discussion on service accounts and groups. Ch 4 adds an RPC enumeration section while ch 5 provides info on sniffing Kerberos authentication. Ch 6 mentions exploiting the Windows debugger but is short on details. Ch 7 explains psexec and ch 8 explains usage of MDcrack. Ch 10 gives new info on IIS 6, ch 11 mentions SQL Slammer and more defensive strategies, and ch 12 updates remote access methods for Windows XP and 2003. Ch 13 presents a few recent client-side attacks and ch 16 mentions several defensive tools. Ch 17 is mainly original, although the Windows OS roadmap appears as dated as the one first proposed in HE:W2K. Oddly, chs 9, 10, and 16 were missing material, like talk of hiding files via streaming and the "runas" command. Ch 3, 14, and 15 are mostly the same.
Read more ›
Comment 12 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
Format: Paperback
Having read "Hacking Exposed Windows 2000" (and most of the other Hacking Exposed books), and just started using Windows 2003 Server, I ordered this book with an eager anticipation for what it would reveal on Microsoft's supposedly significantly more secure OS.
The opening chapters were a disappointment and in general a lot of the content had been copied from the previous Windows 2000 edition, often with just "Windows 2000" replaced with "Windows 2003", which while sometimes accurate, was more often than not, completely inaccurate.
Many of the example outputs and screen shots didn't match the text and often there were inconstancies in the outputs, suggesting that they had perhaps been hand crafted.
In general the editing was poor and this book didn't really come up to the standard I've come to expect from the Hacking Exposed series. It had all the hallmarks of a book rushed to press.
As for Win2003 specifics, there was actually very little. Weather that's because Win2003 is super secure... or just that the author's (and perhaps the hacking community) hadn't really come to grips with the product....
Even the updated Win2000 content was largely pre SP3, which is odd, since SP4 had gone public, well before this book was released (in fact, some of the virus/worm references in the book are post SP4's release).
If you haven't read the Windows 2000 edition, then don't bother, get this one, it has all the content from that edition, plus a small amount of new Win2003 content.
If you've already read the Win2000 edition recently, then don't bother with this one, especially if you're already playing with Win2003. You've probably got most of the Win2003 info already, from MS and other public sources.
Read more ›
Comment 12 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
Format: Paperback
Hacking Exposed- Windows Server 2003 is the latest addition to the Hacking Exposed series of books. Joel Scambray and Stuart McClure have teamed up to create another excellent source of information to help you understand the weaknesses in your Windows Server 2003 system and what you can do to defend against them.

It may not be quite as gripping as a John Grisham novel, but the Hacking Exposed books are relatively easy to follow and understand. The use of Tips, Notes and Cautions helps to highlight specific areas that deserve more attentions than others.

As with other books from the Hacking Exposed series, this one walks through how an attacker would locate and exploit your machine. It covers how to footprint and enumerate potential targets and then goes into comprehensive detail for the various attacks and vulnerabilities. Each attack or vulnerability is ranked based on its popularity, simplicity and potential impact to arrive at an overall risk rating.

This book covers the latest exploits and security measures for Windows Server 2003 including Windows-specific services such as MSRPC and IIS6. The authors also provide information on attacks against Terminal Services such as password guessing and privilege escalation as well as the latest DoS (Denial of Service) attacks.

New security features of Windows Server 2003 are covered as well- updates to IPSec, software restrictions and ICF (Internet Connection Firewall).

Anyone with Windows Server 2003 should read this book.

Comment 3 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse