Author: Blair Rampling
Available for download is chapter 1 entitled “Security Threats”.
When Windows Server 2003 was released in April of this year, Microsoft was advertising it as the most secure Windows server to date. The security community didn’t pay much attention to Microsoft’s words and experts noted that it may be wise to wait a bit before upgrading. Of course, they were right. Less than two months later, the operating system got its first security patch. Not all reviews were bad, though; there were some positive responses to Microsoft’s apparent security enlightenment. When reading this review I want you to put aside your opinion on the security of Windows in general and concentrate on what this book has to offer. There are a lot of Windows administrators out there and if you’re one of them, you certainly need a title that deals exclusively with security issues.
About the author
Blair Rampling is currently the Senior Systems Administrator and system architect for a mid-size ISP/Webhosting company. In this role he is responsible for designing every aspect of company systems from the initial implementation to policies and procedures including security. Aside from his experience with Windows and UNIX security, Blair is also familiar with several types of firewalls (NetScreen, ipfilter, Raptor) and load balancing devices (Cisco/Arrowpoint CSS, Radware, Big/IP).
Inside the book
As you start reading the book, you encounter an overview of security fundamentals that spreads over almost 100 pages and includes the first five chapters. When it comes to discussing security threats, Rampling writes about the infamous Denial of Service attacks, defacements, data theft, and more. One of the best-known security tools, Nmap, is mentioned at the very beginning of the book.
Moving on, you get information on how a system is compromised as well as some on rootkits and trojans, a growing problem. Various attacks are mentioned: buffer overflows, brute force attacks, social engineering, man in the middle attacks, etc.
Now that you’ve been introduced to the various types of attacks, the author continues to build your knowledge by showing you how to design a secure server architecture. Here you learn about disabling unnecessary services, patching your system, and more. Mentioned here are also honeypots and the Honeynet project.
If you want to secure your system efficiently, you have to test it before the bad guys do. This is where security auditing comes into the picture. If you’re wondering how auditing can be performed, look into chapter four as the author provides a basic overview of auditing from a Windows and UNIX environment. Rampling mentions a plethora of security tools including Ethereal, the Cisco Secure Scanner, and others. A few pages are also dedicated to the configuration of the Nessus security scanner.
As a closing of the first part of the book, you read a chapter on Windows Server 2003 security provisions where you discover the security features of Windows Server, the Microsoft CryptoAPI, IPSec, etc.
The second part of the book deals with system security and is comprised of two chapters in which you see how you can actually secure Windows Server 2003 and secure applications. Rampling covers a lot of ground and it’s obvious he wants to go as in-depth as possible with all the things you have to take into consideration. He writes about hardware security, group policies, securing web and FTP servers, securing DNS, and much more. The material is complemented with a myriad of screenshots that make everything pretty clear.
The third part covers everything related to authentication and encryption. It’s the largest part of the book as it contains eight chapters. The author starts by providing an introduction to cryptography and demonstrating how you can encrypt your data. A few pages are dedicated to Pretty Good Privacy (PGP), probably the most popular encryption software.
Next Rampling shows you how to use SSL to secure HTTP, use SSL with IIS, as well as other connected topics before moving on to write about Windows Server 2003 authentication methods and Kerberos. After a Public Key Infrastructure (PKI) overview, you get all you need to successfully install and configure certificates. The author takes you by the hand and guides you step-by-step through everything. It doesn’t get more straightforward than this.
The last two chapters in this part of the book contain information on L2TP and PPTP VPNs and an explanation of IPSec. As an addition, you also learn how to configure IPSec.
The fourth and final part provides an overview of the Internet Security and Acceleration (ISA) server, some material on firewalls and the Acceleration service with its configuration. The book doesn’t end here though. Rampling closes “Windows Server 2003 Security Bible” with reference material in three appendices. He points out interesting security tools for both UNIX and Windows platforms, lists some security resources and there’s also a handy list of well-known ports.
My 2 cents
Topics are cross-referenced throughout the book. This makes the organization truly excellent and the book not only a great learning tool but an excellent reference guide as well.
As for the targeted audience, this book is a perfect choice for all of you administering Windows Server 2003 machines as it deals exclusively with security. There’s so much to learn and I believe the author managed to put together a valuable book.
You can never be too careful when it comes to server security so if you’re working on this platform – do consider this book. It will certainly help you sharpen your skills and achieve a higher level of security.