Securing Windows NT/2000 Servers for the Internet

Security Checklists for System Administrators

Stefan Norberg

Publisher: O'Reilly, 2001, 199 pages

ISBN: 1-566592-768-0

Keywords: IT Security

Last modified: March 21, 2022, 9:11 p.m.

In recent years, Windows NT and Windows 2000 systems have emerged as viable platforms for Internet servers. More and more organizations are nowe entrusting the full spectrum of business activities — including e-commerce — to Windows.

Unfortunately, the typical Windows NT/2000 installation makes a Windows server an easy target for attack. This book simplifies the challenging job of securing a Windows server by pairing down installation and configuration instructions into a series of checklists aimed at Windows administrators.

Topics include:

  • Windows NT/2000 security threats, security architecture of the Windows NT and Windows 2000 operating systems, and typical perimeter network configurations
  • Instructions for "hardening" Windows NT and Windows 2000 bastion hosts, configuring services, editing the registry, setting permissions, and differences between Windows NT and Windows 2000 security, including IPSec (IP Security Protocol) configuration
  • Secure remote administration using various methods: pcAnywhere, Windows 2000 Terminal Services, and an open source approach using OpenSSH, TCP Wrappers, VNC (Virtual Network Computing), and Cygwin
  • Windows NT/2000 backup, recovery, auditing, monitoring, and maintenance

By carefully following the detailed instructions provided in this book, you'll dramatically increase the security of your Windows NT and Windows 2000 Internet servers.

  1. Windows NT/2000 Security
    • Internet Threats
    • Building a Secure Site on the Internet
    • The Windows NT/2000 Architectures
    • Windows NT/2000 in the Perimeter Network
    • Cryptography Basics
  2. Building a Windows NT Bastion Host
    • Installation
    • Using the Security Configuration Editor
    • Basic Configuration
    • Advanced Configuration
    • Setting System Policies
    • TCP/IP Configuration
    • Configuring Administrative Tools and Utilities
  3. Building a Windows 2000 Bastion Host
    • Differences Between the Systems
    • IPSec in Windows 2000
  4. Setting Up Secure Remote Administration
    • Symantec pcAnywhere
    • Windows 2000 Terminal Server
    • Open Source (SSH, Cygwin, TCP Wrappers, and VNC)
  5. Backing Up and Restoring Your Bastion Host
    • Defining Your Backup Policy
    • Backup Methods
    • Types of Backups
    • Backup Software
  6. Auditing and Monitoring Your Perimeter Network
    • System Auditing in Windows
    • Time Synchronization Using NTP
    • Remote Logging and Log Management
    • Integrity Checking
    • Network-Based Intrusion Detection Systems
  7. Maintaining Your Perimeter Network
    • Setting Up Policies and Procedures
    • Performing Third-Party Audits
    • Staying Informed
  1. Well-Known Ports Used by Windows NT/2000
  2. Security-Related Knowledge Base Articles
  3. Build Instructions for OpenSSH on Cygwin

Reviews

Securing Windows NT/2000 Servers for the Internet

Reviewed by Roland Buresund

Disappointing *** (3 out of 10)

Last modified: March 21, 2022, 9:10 p.m.

Covers the basic basics. Doesn't cover much and does so very thinly.

In short, nothing to see here.

Comments

There are currently no comments

New Comment

required

required (not published)

optional

required

captcha

required