Windows Server 2003 Security: A Technical Reference

Book Description

"Once again, Roberta Bragg proves why she is a leading authority in the security field! It's clear that Roberta has had a great deal of experience in real-world security design and implementation. I'm grateful that this book provides clarity on what is often a baffling subject!"

James I. Conrad, MCSE 2003, Server+, Certified Ethical Hacker

"Full of relevant and insightful information. Certain to be a staple reference book for anyone dealing with Windows Server 2003 security. Roberta Bragg's Windows Server 2003 Security is a MUST read for anyone administering Windows Server 2003."

Philip Cox, Consultant, SystemExperts Corporation

"Few people in the security world understand and appreciate every aspect of network security like Roberta Bragg. She is as formidable a security mind as I have ever met, and this is augmented by her ability to communicate the concepts clearly, concisely, and with a rapier wit. I have enjoyed working with Roberta more than I have on any of the other 20 some odd books to which I have contributed. She is a giant in the field of network security."

Bob Reinsch

"Windows Server 2003 Security explains why you should do things and then tells you how to do it! It is a comprehensive guide to Windows security that provides the information you need to secure your systems. Read it and apply the information."

Richard Siddaway, MCSE

"Ms. Bragg's latest book is both easy to read and technically accurate. It will be a valuable resource for network administrators and anyone else dealing with Windows Server 2003 security."

Michael VonTungeln, MCSE, CTT

"I subscribe to a number of newsletters that Roberta Bragg writes and I have 'always' found her writing to be perfectly focused on issues I 'need' to know in my workplace when dealing with my users. Her concise writing style and simple solutions bring me back to her columns time after time. When I heard she had written a guide on Windows 2003 security, I 'had' to have it.

Following her guidance on deployment, her advice on avoiding common pitfalls, and her easy to follow guidelines on how to lock down my network and user environments (those darned users!) has me (and my clients) much more comfortable with our Win2k3 Server deployments. From AD to GPO's to EFS, this book covers it all."

Robert Laposta, MCP, MCSA, MCSE, Io Network Services, Sierra Vista

"Roberta Bragg has developed a 'must have' manual for administrators who manage Microsoft Windows 2003 servers in their organizations. The best practices for strengthening security controls are well organized with practical examples shared throughout the book. If you work with Windows 2003, you need this great resource."

Harry L. Waldron, CPCU, CCP, AAI, Microsoft MVP - Windows Security Information Technology Consultant

"Roberta Bragg's Windows Server 2003 Security offers more than just lucid coverage of how things work, but also offers sound advice on how to make them work better."

Chris Quirk; MVP Windows shell/user

"This book is an invaluable resource for anyone concerned about the security of Windows Server 2003. Despite the amount and complexity of the material presented, Roberta delivers very readable and clear coverage on most of the security-related aspects of Microsoft's flagship operative system. Highly recommended reading!"

Valery Pryamikov, Security MVP, Harper Security Consulting

"As long as you have something to do with Windows 2003, I have four words for you: 'Order your copy now.'"

Bernard Cheah, Microsoft IIS MVP, Infra Architect, Intel Corp.

If you're a working Windows administrator, security is your #1 challenge. Now there's a single-source reference you can rely on for authoritative, independent help with every Windows Server security feature, tool, and option: Windows Server 2003 Security.

Renowned Windows security expert Roberta Bragg has brought together information that was formerly scattered through dozens of books and hundreds of online sources. She goes beyond facts and procedures, sharing powerful insights drawn from decades in IT administration and security. You'll find expert implementation tips and realistic best practices for every Windows environment, from workgroup servers to global domain architectures. Learn how to:

  • Reflect the core principles of information security throughout your plans and processes

  • Establish effective authentication and passwords

  • Restrict access to servers, application software, and data

  • Make the most of the Encrypting File System (EFS)

  • Use Active Directory's security features and secure Active Directory itself

  • Develop, implement, and troubleshoot group policies

  • Deploy a secure Public Key Infrastructure (PKI)

  • Secure remote access using VPNs via IPSec, SSL, SMB signing, LDAP signing, and more

  • Audit and monitor your systems, detect intrusions, and respond appropriately

  • Maintain security and protect business continuity on an ongoing basis

    © Copyright Pearson Education. All rights reserved.

    Table of Contents

    1. Copyright
    2. Praise for Windows Server 2003 Security
    3. Acknowledgments
    4. About the Author
    5. About the Technical Editor
    6. Preface
    7. Bibliography
    8. Security Basics
      1. Principles of Information Security
        1. Principle Number One: There Is No Such Thing as a Secure Computer
        2. Classic Security Principles: Confidentiality, Integrity, and Accounting
        3. Corollaries: Principles That Spring from the Classics
    9. Securing the Server Itself
      1. Authentication: Proof of Identity
        1. Logon Process
        2. Network Authentication Processes
        3. Windows Time Service
        4. Computer Accounts and Authentication Controls
        5. Anonymous Access
        6. Authentication Management via Group Policy
        7. Forest and Interforest Authentication
        8. Best Practices for Securing Authentication
        9. Summary
      2. Authorization—Limiting System Access and Controlling User Behavior
        1. Windows Security Architecture and the Authorization Process
        2. Rights, Privileges, and Permissions
        3. Using Object Permissions to Control Access
        4. Rule-Based Versus Role-Based Access Control Systems
        5. Default Operating System User Roles
        6. Creating Custom Roles
        7. Creating Custom Group Roles
        8. The Access Control Process
        9. Authorization Using Security Options and Registry Settings
        10. Computer Roles
        11. Anonymous Access
        12. Protect the Account Database with Syskey
        13. Summary
      3. Restricting Access to Software; Restricting Software's Access to Resources
        1. Authorization Manager Framework
        2. Software Restriction Policies
        3. Securing COM, COM+, and DCOM Applications Using Component Services
        4. Summary
      4. Controlling Access to Data
        1. Controlling Access to Files and Folders Using NTFS Permissions
        2. Controlling Access to Shares
        3. Controlling Access to Web Folders Using WebDAV
        4. Controlling Access to Registry Keys
        5. Practical Deployment Issues
        6. Summary
      5. EFS Basics
        1. What Is the Encrypting File System?
        2. Implementation Differences Between Windows Versions
        3. Basic Operations
        4. Effect of Normal Operations on Encrypted Files
        5. EFS Architecture
        6. Avoiding Data Loss—Planning for Recovery
        7. Special Operations and Issues
        8. Remote Storage
        9. Sound Enterprise Strategies
        10. Tools
        11. Troubleshooting
        12. Summary
    10. Securing Domain Services
      1. Active Directory's Role in Domain Security
        1. Active Directory and Security
        2. Active Directory: Organization, Structure, and Function
        3. Active Directory Installation: Changes During dcpromo
        4. Managing Computers and Users Using Active Directory
        5. Group Policy Tools
        6. Difference in Managing Windows 2000 GPOs
        7. Best Practices for Group Policy
        8. Summary
      2. Trust
        1. New Trust Features in Windows Server 2003
        2. Trust Types
        3. Trust Relationships
        4. External Trust Creation Procedures
        5. Forest Trust
        6. Group Policy in Forest and Multiforest Scenarios
        7. Piercing Security Boundaries—The Ultimate Forest Design Issue
        8. Best Practices for Trusts
        9. Summary
      3. Troubleshooting Group Policy
        1. Determining If the Policy Has Been Applied
        2. Determine If the Group Policy Design Is Correctly Implemented
        3. Troubleshooting Networking Problems
        4. Troubleshooting Active Directory and FRS Replication
        5. Troubleshooting Group Policy Object Design
        6. Monitor GPO Health
        7. Summary
      4. Securing Active Directory
        1. Physically Secure Domain Controllers
        2. Establish Security Configuration
        3. Additional Security Configuration
        4. Establish Secure Administration Practices
        5. Deploying Secure Domain Controllers
        6. Summary
      5. Securing Infrastructure Roles
        1. Security Templates
        2. How to Use Security Templates to Secure Computers by Role
        3. Apply Security Templates
        4. Summary
    11. Public Key Infrastructure
      1. PKI Basics
        1. Introduction to PKI
        2. PKI Architecture in Windows Server 2003
        3. Certificate Services Processing
        4. Summary
      2. Implementing a Secure PKI
        1. Install an Offline Root CA
        2. Install and Configure a Subordinate CA
        3. Use Custom Templates to Configure Key Archival for EFS
        4. Summary
    12. Securing the Virtual Network
      1. Securing Remote Access
        1. Securing Traditional Remote Access Portals
        2. Securing Wireless Access Using IAS
        3. Securing Web Server–Based Access to Internal Resources
        4. Summary
      2. Protecting Data in Flight
        1. Use Server Message Block Signing
        2. Use Session Security for NTLM
        3. Use Internet Protocol Security Policies
        4. Use Secure Sockets Layer
        5. Use LDAP Server Signing
        6. Summary
    13. Maintenance and Recovery
      1. Maintenance Strategies and Administrative Practices
        1. Maintenance Strategies for Change Management
        2. Maintenance Strategies for Patch Management
        3. Management Practices
        4. Summary
      2. Basics of Data Backup and Restore
        1. Backup Policy, Standards, and Procedures
        2. How to Use Ntbackup
        3. Automated Systems Recovery
        4. Volume Shadow Copy Service
        5. Miscellaneous Backup Tools
        6. Reanimating Users from the Deleted Objects Store
        7. Active Directory Restore
        8. IIS Backup Process
        9. Certification Authority Backup
        10. Summary
    14. Monitoring and Audit
      1. Auditing
        1. Establishing a Windows Server 2003 Audit Policy for the Forest
        2. Auditing the Standalone Windows Server 2003 Computer
        3. Auditing Server Applications and Services
        4. Auditing Security Controls: Policy Compliance, Vulnerability Assessment, and Pen Testing
        5. Auditing Physical Security
        6. Auditing Policy, Standards, and Procedures
        7. Reviewing Security Awareness
        8. Auditing Outsiders: The Impact of Others on Your Organization's Information Security
        9. Summary
      2. Monitoring and Assessment
        1. Establish Baselines
        2. Monitor Basic Services
        3. Monitor Active Directory and Group Policy
        4. Monitor Event Logs
        5. Introduction to Incident Response
        6. Summary
    15. Index