 |
Securing Windows NT/2000 Servers for the Internet View Larger Image | Stefan Norberg
O'Reilly Media, Paperback, Published November 2000, 199 pages, ISBN 1565927680 | List Price: $29.95
Our Price: $18.95
You Save: $11.00 (37% Off)
| | | Availability: Out-Of-Stock |
Be the First to Write a Review and tell the world about this title!Books on similar topics, in best-seller order: Books from the same publisher, in best-seller order:
In recent years, Windows NT and Windows 2000 systems have emerged as
viable platforms for Internet servers. More and more organizations are
now entrusting the full spectrum of business activities--including
e-commerce--to Windows.
Unfortunately, the typical Windows NT/2000 installation makes a Windows server an easy target for attacks, and configuring Windows for secure Internet use is a complex task. Securing Windows NT/2000 Servers for the Internet
suggests a two-part strategy to accomplish the task:
- "Hardening" any Windows server that could potentially be exposed to
attacks from the Internet, so the exposed system (known as a "bastion
host") is as secure as it can be.
- Providing extra security protection for exposed systems by
installing an additional network (known as a "perimeter network") that
separates the Internet from an organization's internal networks.
Securing Windows NT/2000 Servers for the Internet
is a concise
guide that pares down installation and configuration instructions into a
series of checklists aimed at Windows administrators. Topics include:
- Introduction--Windows NT/2000 security threats, architecture of the
Windows NT/2000 operating system and typical perimeter networks.
- How to build a Windows NT bastion host.
- Configuring Windows and network services, encrypting the password
database, editing the registry, setting system policy characteristics,
performing TCP/IP configuration, configuring administrative tools, and
setting necessary permissions.
- Differences between Windows NT and Windows 2000 security including
IPSec (IP Security Protocol) configuration.
- Secure remote administration--SSH, OpenSSH, TCP Wrappers, the
Virtual Network Console, and the new Windows 2000 Terminal Services.
- Windows NT/2000 backup, recovery, auditing, and monitoring--event
logs, the audit policy, time synchronization with NTP (Network Time
Protocol), remote logging, integrity checking, and intrusion detection.
Administrators who carefully follow the detailed instructions provided
in this book will dramatically increase the security of their Windows
NT/2000 Internet servers.
Table of Contents
Preface
1. Windows NT/2000 Security
Internet Threats
Building a Secure Site on the Internet
The Windows NT/2000 Architectures
Windows NT/2000 in the Perimeter Network
Cryptography Basics
2. Building a Windows NT Bastion Host
Installation
Using the Security Configuration Editor
Basic Configuration
Advanced Configuration
Setting System Policies
TCP/IP Configuration
Configuring Administrative Tools and Utilities
Setting Permissions
3. Building a Windows 2000 Bastion Host
Differences Between the Systems
IPSec in Windows 2000
4. Setting Up Secure Remote Administration
Symantec pcAnywhere
Windows 2000 Terminal Services
Open Source (SSH, Cygwin, TCP Wrappers, and VNC)
5. Backing Up and Restoring Your Bastion Host
Defining Your Backup Policy
Backup Methods
Types of Backups
Backup Software
6. Auditing and Monitoring Your Perimeter Network
System Auditing in Windows
Time Synchronization Using NTP
Remote Logging and Log Management
Integrity Checking
Network-Based Intrusion Detection Systems
7. Maintaining Your Perimeter Network
Setting Up Policies and Procedures
Performing Third-Party Audits
Staying Informed
A. Well-Known Ports Used by Windows NT/2000
B. Security-Related Knowledge Base Articles
C. Build Instructions for OpenSSH on Cygwin
Index
|
|
