Windows XP Professional Security
Authors: Chris Weber and Gary Bahadur
Publisher: McGraw-Hill Professional
Administrators and other IT professionals who use Microsoft operating systems are aware that every new Microsoft OS is easier to use. But ease of use is not the only “feature” present in new Windows versions. Every release brings more security problems. Not a day goes by that we don’t hear of another security problem, and we ask ourselves: how secure is Windows, really?
In this book, computer security experts and Foundstone Inc. consultants Chris Weber and Gary Bahadur try to explain how secure Windows XP is and how it can be managed.
About the authors
Chris Weber works for Foundstone as a security consultant and trainer. Prior to Foundstone, Chris worked as a network administrator for VisionAir performing enterprise network assessments and mission-critical systems implementations. His published works include “Securing Windows 2000 Professional Using the Gold Standard Security Template” (SANS Press, 2002) and “Privacy Defended: Protecting Yourself Online” (QUE, 2002).
Gary Bahadur is CIO and a co-founder of Foundstone. He has been involved with numerous penetration studies and network reviews covering firewalls, UNIX, Windows NT, Novell networks, web servers, and many others. He is co-author of “Privacy Defended” with Chris Weber and Will Chan.
Inside the book
The first thing that pops into your mind is the fact that the book is only 400 pages long and it deals with probably the most sensitive topic in computing – security. Will this be enough? How did they manage to put all the relevant information in such a small page count? I can only tell you that they succeeded. How? Read on to find out.
Covering both Microsoft Windows 2000 and XP, the authors divided the book into four parts that cover: securing operating systems, network security, internet services and preparing for the worst. Provided in all the parts are examples and comparisons. As regards the audience of the book, I think some previous knowledge of security is required.
The first part of the book discusses the process of securing operating systems and shows how to use the built-in security features of programs such as the MMC (Microsoft Management Console). If you are not aware of how an operating system works and what it’s made of, it will be hard for you to secure it properly. This is exactly why the authors start by explaining the Local Security policies, Account policies, Audit policies and User Rights assignments, showing us what the basic means of network-wide security should be.
When studying the security aspect of OS setups, we ask ourselves what we should protect and how. Since the Windows operating system is widely used in various environments, it’s very prone to different kinds of attacks. The first part of the book describes the fundamental parts of the OS, which include registry files, the file system (NTFS), user groups and policies. The authors provide a good amount of setup information, and the provided material is supported with practical information.
The part dedicated to registry security consists of three important parts: registry fundamentals, securing the registry (registry files that need protection and security permissions) and registry hacks (TCP/IP DDoS, IPSec, NetBT). After the registry basics have been covered, the authors continue with file system security, where they discuss how permissions do their job and illustrate the best usage for permissions. Since Windows XP gives us the possibility of using the Encrypting File System, which has its good and bad sides, the authors dedicate some space to the topic and try to solve some mysteries and explain how secure it really is.
Many of us share files over a local network. This situation can end badly if some files are accidentally deleted or viewed by an unauthorized person. Since situations like these can arise, the authors recommend not using Simple File Sharing.
What does Windows XP offer in order to speed up administration or speed up some processes? Some may argue that Windows 2000 is better in this area, but the authors do not agree. In case you’re wondering if it’s worth upgrading, then you’ll be glad to know that the authors compare Windows XP to Windows 2000. Here you can read more about the new features present in Windows XP, such as fast user switching, the Internet Connection Firewall, certificates, etc.
When we talk about a system that is part of a network or a system with multiple users then we can’t avoid learning more about user and group management and authorization. The text about these topics is deep enough and will give you a lot of interesting information.
The second part of the book, entitled “Network Security”, describes theory ranging from local policies and Active Directory to wireless and remote administration. I have spent a significant amount of time with this chapter, trying out the illustrated topics, and I can recommend it as it provides some insight on IPSec and means of authentication. When it comes to firewalls, this book will teach you how they work. The authors also describe ICF and ICS along with their limitations.
It’s still not possible to connect anywhere at any time, but the age of the mobile Internet is dawning at last, after more than a decade of hype and disappointment. There are two categories of wireless technology, distinguished by the distances they can cover: Wireless Personal Area Network (WPAN) and Wireless Local Area Network (WLAN). The most mature wireless network technology today is 802.11b, and that is what the authors focus on. The last chapter in this part of the book analyses remote administration as a new built-in feature of Windows XP. This is something very helpful if you’re not familiar with PCAnywhere or Citrix, but also less secure. The authors show you how to increase that security.
The third part of the book provides a crash course in Active Directory, best practices, group policies, basically everything you wanted to know about the .NET Framework. The authors cover all of it and some of the new features of Windows .NET Server.
After the rain always comes the Sun. The last and smallest part of the book, “Preparing for the worst”, is packed with theory which can help you with planning and testing your security setups.
What I think of it
The real value of this book is in the practical knowledge that it contains. It’s well written and easy to use, a truly excellent resource for system administrators and a great learning guide for those of you interested in learning more about the security of your Windows XP box.