Author: Michael O’Dea
Publisher: McGraw-Hill Professional
If you want to learn more about Windows security, there’s a plethora of security books out there you can use. Most of these titles are large volumes that contain information on a variety of topics and explain them in detail. Needless to say, these books are not very portable and you’re bound to leave them on your bookshelf when going out on the field. The idea behind the HackNotes series is to give you critical information in a small number of pages that make a very portable reference guide. Read on to find out what I discovered inside this title.
About the author
Michael O’Dea is Project Manager of Product Services for Foundstone, Inc. Michael has been immersed in information technology for over 10 years, working with technologies such as enterprise data encryption, virus defense, firewalls and proxy service solutions on a variety of UNIX and Windows platforms.
Inside the book
To make things clear right away, the information provided in this book can be used to secure Windows 2000 Server, Windows XP and Windows Server 2003.
The book kicks off with a discussion on fingerprinting where O’Dea explains how attackers find your systems. Covered here is footprinting using DNS and using public network information. As expected, besides demonstrating how an attack can damage your system, the author provides suggestions regarding protection.
What follows is an explanation of scanning which begins with a mention of the legendary movie War Games, a title that inspired a generation of hackers. You learn how port scanning works and see what tools you can use for the job. Recommended tools include NmapWin, ScanLine and MingSweeper.
Next you get into enumeration as O’Dea shows you how to use various tools in order to probe each protocol for more information. Detailed here is DNS enumeration (TCP/53, UDP/53) and NetBIOS over TCP/IP helpers (UDP/137, UD/138, TCP/139 and TCP/445). The mentioned tools include DumpSec, Winfo and SQLPing.
The author continues by writing about packet sniffing. You discover why packet capture and analysis is very important and you are introduced to Snort and Ethereal before moving on to explore the fundamentals of Windows security. As O’Dea notes at the beginning of this chapter, here he looks at security from an administrator’s point of view and shows you how to defend yourself. Located here is information on users, groups, authentication issues, active directory, and more.
When it comes to Windows services, the author dedicates two chapters to the topic as he writes about probing common Windows services and more in detail on hacking Internet Information Services. The tools shown here include Cain and Abel, LC4 and DumpUsers. O’Dea successfully manages to offer a good overview of the Windows services that get attacked the most as well as the most exploited IIS vulnerabilities. If you secure everything described here, you’ll be able to sleep better for sure.
Something every system administrator has to know a lot about are certainly services. In this part of the book, the author tries to answer one of the most common concerns – which services you really need. You can browse a list of default services on Windows 2000 and Windows Server 2003, listed alphabetically, and discover their functions.
Another critical part of administering a Windows box is learning how to harden local user permissions. O’Dea covers file system permissions and local security settings before starting on domain security with group policies. Here you get a group policy overview and some text on working with group policies in active directory. The author reminds you that as your group policy definitions become more secure, they will also become more complex.
Everyone knows there are tons of patches for a variety of issues that affect the Windows operating system. This is exactly why there’s a chapter dedicated to patch and update management in this book. Noted briefly is the history of Windows system updates and discussed are automatic and manual patch management methods.
Moving on you get into IP Security Policies (IPSec) and the Encrypting File System (EFS). Naturally, you see how EFS works and how it can be implemented. In this part, as well as throughout the book, you find various screenshots that efficiently complement the material and ease the understanding of the material in certain cases.
If you use IIS 5.0 you’ll be pleased to know that there’s a chapter dedicated to it. Although rather short, it does provide some valuable information. The last chapter of the book is dedicated to the exploration of what’s new in Windows 2003 in the area of security.
Located in the middle of the book is a reference center that contains a myriad of useful information like a list of common ports and services, security related group policy settings, useful character encodings, common NetBIOS name table definitions, Windows authentication methods, and much more. The pages of the reference center are light blue in color and therefore different from the rest of the book. This makes them easier to find when you’re looking for something specific. I like them being in the middle of the book instead at the end in the form of appendices, it’s just more user friendly to open a book in the middle. Also, the choice of what type of information O’Dea put in the reference center is great, you’ll be able to put away some of those printouts accumulated on your desk.
Not only has the author managed to provide excellent information, but has also cross referenced everything for easy browsing. Since this is a reference guide, each chapter stands out on its own and it doesn’t matter where you start reading the book. Throughout the book, O’Dea keeps his writing style very clear and focused on the important facts.
Another thing that guarantees the quality of this publication is the fact that the technical editor is Arne Vidstrom, a well known security researcher, author of many security tools and maintainer of the popular ntsecurity.nu website.
Ultra portable and filled with just the right amount of important information, “HackNotes Windows Security Portable Reference” is an excellent resource.