Securing Windows Server 2003
O'Reilly Media (Verlag)
978-0-596-00685-3 (ISBN)
- Titel ist leider vergriffen;
keine Neuauflage - Artikel merken
With the success of computer viruses like Slammer, security issues are now a top priority for Windows system administrators, right alongside day-to-day tasks such as setting up accounts and managing performance. If you use Windows 2003 Server at a small to medium-sized organization, or use Microsoft's Small Business Server, this thorough yet concise tutorial offers the hands-on advice you need for securing your network. Modern network operating systems include bundled services that range from traditional file and print sharing and Internet services to authentication, directory and remote access services each a potential security vulnerability as well as a capability. Securing Windows Server 2003 shows you how to put Windows security tools to work, and how to run the server's subsystems to protect users and resources. But that's just the beginning. Network security needs to be well thought-out, not treated as a fire drill when a threat occurs. This book focuses primarily on ways to plan and implement a secure operating environment.
Microsoft security veteran Mike Danseglio uses real-world examples to show you how various security concepts relate to your own system, including: File System Security; Group Policy and security templates; Running secure code; Authentication; IP security; Public Key Certificates and Public Key Infrastructure; Smart Card technology; DHCP and DNS security; Internet Information Services security; Active Directory security; Remote access security; Security audits; Sending secure email, and more Many chapters include a debate, in which fictional protagonists discuss the pros and cons of a particular strategy or solution. These debates provide an objective look at competing methodologies, so you can select the solutions that best fit your network. Read this book cover to cover to create and implement a security plan, or use individual chapters as stand-alone lessons. Either way, Securing Windows Server 2003 will guide you safely through the morass of security threats.
Mike Danseglio is a security writer with Microsoft Corporation in Redmond, Washington. He's been working with computers since the days of punch cards and soldering irons, and has worked at Microsoft since 1993, most recently as a Windows NT-family trainer and as a technical writer for security material. His most recent projects include security documentation for Windows XP and Windows .NET Server 2003, as well as co-authoring the Windows .NET Server Security Administrator's Companion.
Preface 1. Introduction to Windows Server 2003 Security What Is Security? What Is Windows Server 2003? Security Design in Windows Server 2003 Security Features in the Windows Server 2003 Family 2. Basics of Computer Security Why Computer Security Is Important Security Enforcement Mechanisms POLA: The Principle of Least Access Key-Based Cryptography Authorization and Authentication Password Basics Network Security Keeping Your Eyes Open 3. Physical Security Identifying Physical Security Vulnerabilities Protecting Physical Assets Holistic Security: Best Practices 4. File System Security Protecting Files with NTFS File Permissions Protecting Data with the Encrypting File System Protecting System Information with Syskey; 5. Group Policy and Security Templates What Is Group Policy?; How Group Policy Works How Do Security Templates Work? Using Group Policy to Enforce Security Using Security Templates to Deploy Secure Configurations 6. Running Secure Code Identifying Secure Code Driver Signing Software Restriction Policies; 7. Authentication LAN Manager and NTLM Kerberos 8. IP Security What Is IP Security? How Does IPSec Work? Microsoft's Implementation of IPSec in Windows Server 2003 Using IPSec Correctly 9. Certificates and Public Key Infrastructure; What Are Certificates? What Do I Do with Certificates? What Is a Certification Authority? Deciding Between Public and Private Certification Authorities Implementing a Public PKI Planning Your Private Certification Hierarchy Implementing a Private Certification Hierarchy Maintaining Your Hierarchy 10. Smart Card Technology What Are Smart Cards? Using Smart Cards; 11. DHCP and DNS Security DHCP DNS DNS and DHCP Together; 12. Internet Information Services Security What Is IIS? How Does IIS Work? Using IIS Securely 13. Active Directory Security; What Is Active Directory? Structural Components of Active Directory Domain Controllers Default Security Through GPOs; Providing Security for Domains Providing Security for Forests; Providing Security for Active Directory Objects Providing Security for Domain Controllers 14. Remote Access Security; What Is Remote Access? Controlling Access Authentication and Encryption Protocols Virtual Private Networks Example Implementations for Remote Access 15. Auditing and Ongoing Security Security Policies and Procedures Auditing; Operating System Updates Appendix: Sending Secure Email Index
Erscheint lt. Verlag | 21.12.2004 |
---|---|
Reihe/Serie | O'Reilly Ser. |
Verlagsort | Sebastopol |
Sprache | englisch |
Einbandart | Paperback |
Themenwelt | Informatik ► Betriebssysteme / Server ► Windows |
Informatik ► Betriebssysteme / Server ► Windows Server | |
ISBN-10 | 0-596-00685-3 / 0596006853 |
ISBN-13 | 978-0-596-00685-3 / 9780596006853 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |
aus dem Bereich