pfeil_rechts

Suchen und Finden

Service

Hardening Windows

von: Jonathan Hassell

Apress, 2006

ISBN: 9781430200833 , 216 Seiten

2. Auflage

Format: PDF, OL

Kopierschutz: Wasserzeichen

Online-Lesen für: Windows PC,Mac OSX,Linux

Preis: 32,09 EUR

Mehr zum Inhalt

Hardening Windows

Contents at a Glance: 4
Contents: 6
About the Author: 12
About the Technical Reviewer: 14
Acknowledgments: 16
Introduction: 18
CHAPTER 1 Some Words About Hardening: 19
What Is Security?: 20
The Security Dilemma: 21
Enemies of Security: 22
What Windows Is Lacking: 22
Some General Hardening Suggestions: 23
Software Considerations: 24
Hardware and Network Considerations: 25
Checkpoints: 27
CHAPTER 2 Windows NT Security: 29
Windows NT System Policy Editor: 29
Customizing and Applying Policies to Multiple Computers: 30
Resolving Conflicts Between Multiple Policies: 31
Recommended User Policy Settings: 32
Extending Policies: 37
Passwords: 37
Password Policies: 38
Password Cracking: 39
Protecting User Accounts: 40
Registry Procedures: 40
Protecting the File System: 41
Locking Down Local Directories: 41
Search Paths: 42
Guarding Against Internet Threats: 43
Windows NT Port Filtering: 43
Protecting Against Viruses: 44
Assigning Rights to Users: 45
Granting and Revoking User Rights: 45
Remote Access Server Configuration: 48
Selecting Appropriate Communications Protocols and Methods: 48
Security Implications of Domains: 49
Checkpoints: 50
CHAPTER 3 Windows 2000 Security: 53
System Updates: 53
The “Slipstreaming” Process: 54
Critical Updates and Security Hotfixes: 55
Managing Critical Updates Across Multiple Computers: 55
Security Templates: 56
Creating a Custom Security Template: 58
Recommended Security Policy Settings: 59
User Accounts: 60
Local Options: 61
Other Security Considerations: 64
Windows Component Selection and Installation: 64
Tightening Running Services: 65
Checkpoints: 66
CHAPTER 4 Windows XP Security: 67
Implementing the Built-In Windows XP Firewall: 67
Profiles: 68
Configuring Through Group Policy: 69
The Internet Connection Firewall in XP Gold and Service Pack 1: 69
Disabling Unnecessary Services: 71
Providing a Secure Configuration for Services: 80
Microsoft Baseline Security Analyzer Patch Check and Security Tests: 81
Installing Microsoft Baseline Security Analyzer: 81
Penetration Tests: 81
File System Security: 82
Disable Automated Logins: 83
Hardening Default Accounts: 83
Use Runas for Administrative Work: 84
Disable Infrared Transfers: 85
Using Forensic Analysis Techniques: 85
Checkpoints: 87
CHAPTER 5 Windows Server 2003 Security: 89
Enhancements to Security in Service Pack 1: 89
The Security Configuration Wizard: 90
Installing the SCW: 91
Creating a Security Policy with the SCW: 91
The Rollback Feature: 98
SCW Best Practices: 98
Using SCW from the Command Line: 99
Checkpoints: 100
CHAPTER 6 Deploying Enterprise Security Policies: 103
System Policies, Group Policies, and Interaction: 103
Mixing Policies and Operating Systems: 105
Security and the Group Policy Framework: 107
Organized Layout of Policies: 108
Policy Application Precedence: 110
Creating Security Configuration Files: 110
Default Domain Policy: 112
Default Domain Controller Security Policies: 112
Troubleshooting Group Policy: 113
Checkpoints: 114
CHAPTER 7 Patch Management: 117
About Windows Server Update Services: 117
Comparing Windows Server Update Services to Systems Management Server: 118
Using Windows Server Update Services: On the Server Side: 119
Using WSUS: On the Client Side: 132
Checkpoints: 135
CHAPTER 8 Network Access Quarantine Control: 137
How Network Access Quarantine Works: 138
A Step-by-Step Overview of Network Access Quarantine Control: 138
Deploying NAQC: 140
Creating Quarantined Resources: 140
Writing the Baseline Script: 141
Installing the Listening Components: 143
Creating a Quarantined Connection Profile: 145
Distributing the Profile to Remote Users: 147
Configuring the Quarantine Policy: 148
Checkpoints: 153
CHAPTER 9 Internet Information Services Security: 155
Completely Disable IIS: 156
Keeping IIS Updated: 156
Using Windows Update: 157
Using Network-Based Hotfix Installation: 157
Securing Files, Folders, and Scripts: 158
The Microsoft Indexing Service: 160
TCP/IP Port Evaluation: 162
Administrative and Default Pages: 163
The Ins and Outs of Internet Services Application Programming Interface: 164
Looking at Apache as an Alternative: 164
Checkpoints: 165
CHAPTER 10 Exchange Server 2003 Security: 167
Installation Security: 167
Security Policy Modifications: 169
For Exchange Server Machines: 169
For Domain Controller Machines: 169
Service Security: 170
Patch Management: 171
Protecting Against Address Spoofing: 172
Protecting Against Denial-of-Service Attacks: 174
Restricting SMTP Access: 176
Controlling Access: 178
Checkpoints: 179
CHAPTER 11 Security Auditing and Event Logs: 181
For Windows 2000, XP, and Server 2003: 181
Recommended Items to Audit: 183
Event Logs: 183
The Event Viewer: 184
For Windows NT 4.0: 185
Recommended Items to Audit: 186
The Event Log: 187
Filtering Events: 187
What Might Be Missing: 188
Checkpoints: 188
APPENDIX Quick-Reference Checklists: 191
Chapter 1: Some Words About Hardening: 191
Chapter 2: Windows NT Security: 192
Chapter 3: Windows 2000 Security: 194
Chapter 4: Windows XP Security: 195
Chapter 5: Windows Server 2003 Security: 196
Chapter 6: Deploying Enterprise Security Policies: 197
Chapter 7: Patch Management: 198
Chapter 8: Network Access Quarantine Control: 198
Chapter 9: Internet Information Services Security: 199
Chapter 10: Exchange Server 2003 Security: 199
Chapter 11: Security Auditing and Event Logs: 201
INDEX: 203

AGB
Datenschutz
Impressum
Kontakt
F.A.Q
Widerruf

Alle Preise verstehen sich inklusive der gesetzlichen MwSt.

Hardening Windows

von: Jonathan Hassell

Hardening Windows

Contents at a Glance

Contents

About the Author

About the Technical Reviewer

Acknowledgments

Introduction

CHAPTER 1 Some Words About Hardening

What Is Security?

The Security Dilemma

Enemies of Security

What Windows Is Lacking

Some General Hardening Suggestions

Software Considerations

Hardware and Network Considerations

Checkpoints

CHAPTER 2 Windows NT Security

Windows NT System Policy Editor

Customizing and Applying Policies to Multiple Computers

Resolving Conflicts Between Multiple Policies

Recommended User Policy Settings

Extending Policies

Passwords

Password Policies

Password Cracking

Protecting User Accounts

Registry Procedures

Protecting the File System

Locking Down Local Directories

Search Paths

Guarding Against Internet Threats

Windows NT Port Filtering

Protecting Against Viruses

Assigning Rights to Users

Granting and Revoking User Rights

Remote Access Server Configuration

Selecting Appropriate Communications Protocols and Methods

Security Implications of Domains

Checkpoints

CHAPTER 3 Windows 2000 Security

System Updates

The “Slipstreaming” Process

Critical Updates and Security Hotfixes

Managing Critical Updates Across Multiple Computers

Security Templates

Creating a Custom Security Template

Recommended Security Policy Settings

User Accounts

Local Options

Other Security Considerations

Windows Component Selection and Installation

Tightening Running Services

Checkpoints

CHAPTER 4 Windows XP Security

Implementing the Built-In Windows XP Firewall

Profiles

Configuring Through Group Policy

The Internet Connection Firewall in XP Gold and Service Pack 1

Disabling Unnecessary Services

Providing a Secure Configuration for Services

Microsoft Baseline Security Analyzer Patch Check and Security Tests

Installing Microsoft Baseline Security Analyzer

Penetration Tests

File System Security

Disable Automated Logins

Hardening Default Accounts

Use Runas for Administrative Work

Disable Infrared Transfers

Using Forensic Analysis Techniques

Checkpoints

CHAPTER 5 Windows Server 2003 Security

Enhancements to Security in Service Pack 1

The Security Configuration Wizard

Installing the SCW

Creating a Security Policy with the SCW

The Rollback Feature

SCW Best Practices

Using SCW from the Command Line