Maximum Windows 2000 Security

A Hacker's Guide to Protecting Your Windows 2000 Server and Network

Mark Burnett, L. J. Locher, Chris Doyle, Chris Amaris, Rand Morimoto

Publisher: SAMS, 2002, 596 pages

ISBN: 0-672-31965-9

Keywords: IT Security

Last modified: April 22, 2021, 1:22 a.m.

Maximum Windows 2000 Security is designed for system administrators, managers, and Windows 2000 users who need to protect their Windows 2000 servers and workstations from unauthorized intrusions and other external threats to their system's integrity.

Written by an experienced hacker and a team of security experts — people who know which systems are vulnerable and how crackers get into them — this unique guide to Windows 2000 security identifies existing and potential security holes and faults, and then describes how to go about fixing them.

  1. Introduction to Windows 2000 Server Security
    1. Hacking Windows 2000 Servers
      • What Makes Windows 2000 Vulnerable
        • User Weakness
        • The Openness of Windows
        • The Difficulty of Monitoring Effectively
        • The Size and Complexity of Windows 2000
        • Weak Out-of-the-Box Installations
      • Knowing the Tools
      • Summary
    2. Windows 2000 Server Security Features
      • Windows 2000 Security Features
      • Enhanced Access Control
        • Windows 2000's User and Accounts
        • Discretionary Access Control (DAC)
      • Enhanced Network Control
      • IPSec and VPNs
      • Kerberos
      • Advanced Authentication Support
        • Session Authentication Support
        • Public Key Cryptography
        • Summary of Windows 2000's Advanced Authentication Methods
      • File System Encryption
      • Logging
      • Summary
    3. The Hacker Toolkit
      • Types of Tools
        • Windows Tools
        • Win32 Console Tools
        • Non-Windows 2000 Tools
        • Scripts
        • Web-Based Tools
      • The Hacker's Toolkit
        • Finding Tools
        • What to Look For
      • Tools for Your Tools
        • Compilers, Interpreters, and Runtimes
        • Executable Compressors
        • Encryptors
        • Converters
        • Hex Editors
        • Chainers and Wrappers
        • Virus Scanners
      • Building Tools
        • Scripting Your Own Tools
        • Building Compiled Tools
      • The Basic Tools
      • Summary
  2. Windows 2000 Server Security Basics
    1. Hacking Windows 2000: Getting Started
      • Finding Networks
        • Looking Up IP Addresses
        • Discovering DNS Names
        • Discover Registered IP Addresses
        • Scanning IP Ranges
        • Discovering Other Domains
      • Finding Windows 2000 Servers
      • Finding Open Services
        • Windows Networking
        • Web Services (IIS)
        • Terminal Services
      • Evading Detection
        • Be Familiar with What Is Logged
        • Bounce, Proxy, and Relay
        • Go Slow at First Until You Know You Are Not Being Watched
        • Watch for Tracing
        • Overload the Target to Hide Your Tracks
        • Clean Up Your Mess
      • Summary
    2. Installing Windows 2000: The First Step Toward Security
      • Pre-Installation Considerations
        • Physical Security
        • Installation Scripts and Templates
        • Keeping a Log
        • Server Roles
        • Starting Clean
        • Installation Methods
        • The File System
      • The Installation Process
        • Selecting Windows Components
        • Networking Components
        • Service Packs and Hotfixes
        • Post-Installation Cleanup
        • Post-Installation System Backups
        • Installation Wrap-Up
      • Summary
    3. Password Security
      • Inside Windows 2000 Passwords
      • What Are Hashes?
      • Cracking Windows 2000 Passwords
        • The Art of Guessing
        • Brute-Force Attacks
        • Foiling Brute-Force Attacks
      • Finding Password Hashes
        • Stealing the SAM
        • Accessing the SAM Registry Keys
        • Exploiting Running Code
        • Sniffing Passwords on the Network
      • Cracking Password Hashes
      • Protecting Passwords through Security Policy
      • Protecting Passwords through User Education
      • Password Synchronization with Existing Unix Systems
      • Miscellaneous Password Issues
      • Maximum Password Security
      • Summary on Password Security
    4. Windows 2000 Services
      • Understanding How Services Work
      • Windows 2000 Services
        • Alerter Service
        • Application Management
        • Boot Information Negotiation Layer
        • Browser
        • Indexing Service
        • ClipBook
        • Distributed File System
        • DHCP Client
        • Logical Disk Manager Administrative Service
        • Logical Disk Manager
        • DNS Server
        • DNS Client
        • Event Log
        • COM+ Event System
        • Fax Service
        • Single Instance Storage Groveler
        • Internet Authentication Service
        • IIS Admin Service
        • Intersite Messaging
        • Kerberos Key Distribution Center
        • Server
        • Workstation
        • TCP/IP Print Server
        • License Logging Server
        • TCP/IP NetBIOS Helper Service
        • Messenger Service
        • NetMeeting Remote Desktop Sharing
        • Distributed Transaction Coordinator
        • FTP Publishing Service
        • Windows Installer
        • Network DDE
        • Network DDE DSDM
        • Net Logon
        • Network Connections
        • Network News Transport Protocol (NNTP)
        • File Replication
        • NTLM Security Support Provider
        • Removable Storage
        • Plug-and-Play
        • IPSEC Policy Agent
        • Protected Storage
        • Remote Access Auto Connection Manager
        • Remote Access Connection Manager
        • Routing and Remote Access
        • Remote Registry Service
        • Remote Procedure Call (RPC) Locator
        • Remote Procedure Call (RPC)
        • QoS Admission Control (RSVP)
        • Security Accounts Manager
        • Task Scheduler
        • RunAs Service
        • System Event Notification
        • Internet Connection Sharing
        • Simple TCP/IP Services
        • Simple Mail Transport Protocol (SMTP)
        • SNMP Service
        • SNMP Trap Service
        • Print Spooler
        • Performance Logs and Alerts
        • Telephony
        • Terminal Services
        • Terminal Services Licensing
        • Trivial FTP Daemon
        • Telnet
        • Utility Manager
        • Windows Time
        • World Wide Web Publishing Service
        • Windows Management Instrumentation
        • Windows Internet Name Service (WINS)
      • Summary
  3. Windows 2000 Networking
    1. Windows 2000 Network Security Architecture
      • Active Directory
        • Security Descriptors
        • Security Principals
        • Netlogon
        • Active Directory and Interoperability
        • Kerberos
        • Identity Verification and Integrity
        • Kerberos and Interoperability
      • Internet Protocol Security (IPSec)
        • Predefined Policies
        • IPSec Encryption Requirements
        • IPSec and Interoperability
      • Public Key Infrastructure (PKI)
        • Certificates
        • Certificate Services
        • Smart Card Support
        • Public Key Policies
        • PKI and Interoperability
      • Understanding Workgroups
      • Understanding Windows 2000 Domains
        • Domain Structure
        • Domain Controllers
        • Modes of Operation for Windows 2000 Domain
      • Interoperability and Heterogeneous Network Features
      • Further Reading on Windows 2000 Network Security and on Windows 2000 Interoperability
      • Summary
    2. Network Protocols, Clients, and Services
      • Open Systems Interconnection (OSI) Reference Model
        • OSI Model Layers
        • Connection and Connectionless Services
      • TCP/IP
        • Internet Protocol (IP)
        • Internet Message Control Protocol (ICMP)
        • Transmission Control Protocol (TCP)
        • Universal Datagram Protocol (UDP)
      • Windows 2000 Clients, Protocols, and Services
        • Windows 2000 TCP/IP Stack Architecture
        • Network Protocol Layers
        • Transport Driver Interface
        • Network Application Programming Interfaces
        • Interprocess Communication
        • Networking Services and Clients
      • Name Resolution Services
        • Windows Internet Name Service (WINS)
        • Domain Naming System (DNS)
      • Summary
    3. Trojans and Backdoors
      • Understanding Malicious Code Attacks
        • Terminology
        • Malicious Code Attack Scenario
        • Perpetrators
        • Victims
      • Recent Malicious Code Attacks
        • Melissa
        • Love Letter
        • Back Orifice
      • Protecting Windows 2000 Networks against Malicious Code Attacks
        • Designing Windows 2000 Networks with Security in Mind
        • Designing and Implementing a Security Policy
        • Securing the Operating Systems
        • Virus Protection
        • Firewalls
        • Content Security
        • Intrusion Detection Software and Scanners
        • Authentication and Encryption Services
      • Additional Resources for Preventing Malicious Code Attacks
        • CERT/CC
        • The SANS Institute
        • ICSA Labs
        • The National Security Agency (NSA)
        • Information Security Magazine
        • 2600
        • Anti-Virus Software Vendors
        • NTBugTraq
        • Microsoft
      • Summary
    4. Active Directory
      • Active Directory Namespace
      • Active Directory Objects
        • Security Principals
        • User Accounts
        • Computer Accounts
        • Group Accounts
        • Active Directory Account Database
        • Object Types, Managers, and Tools
      • Distributed Security
        • User Authentication
        • Impersonation
        • Access Token
        • Access Control
      • File and Folder Permissions
        • Configuration Folder and File Permissions
        • Configuring Special Permissions
      • Summary
    5. Security Policy and Configuration
      • Security Configuration Tool Set
      • What Is the Microsoft Management Console (MMC)?
      • Security Areas
        • Account Policies
        • Local Policies
        • Event Log
        • Restricted Groups
        • System Services
        • Registry
        • File System
      • Security Configuration Tool Set Components
        • Security Templates Snap-In
        • Security Configuration and Analysis Snap-In
        • Security Settings Extension to the Group Policy Snap-In
        • secedit.exe Command-Line Tool
      • Security Templates
        • Predefined Default and Incremental Security template
        • Loading the Security Template Snap-In
        • Creating a New Security Template
        • Modifying an Existing Security Template
      • Security Configuration and Analysis Tool
        • Loading the Security Configuration and Analysis Snap-In
        • Creating the Security Configuration and Analysis Database
        • Analyzing Security
        • Configuration Security
      • Security Settings Extension for the Group Policy Snap-In
        • Installing the Group Policy Snap-In and the Security Settings Extensions
      • secedit.exe Command-Line Tool
      • Summary
    6. Exploiting Web Services
      • Background of Web Services
        • The Need to Have Web Services Installed on Your Server
        • Having Your Web Server Inside Versus Outside Your Firewall
      • Finding Vulnerable Pathways to Accessible Web Servers
        • Knowing Exactly Which Server to Attack
        • Using a Vulnerable Pathway to Search for Servers to Attack
      • Acquiring Administrative Access to a Web Server
        • Using the ShowPass Utility to Expose System Password Security
        • Using L0phtCrack to Expose System Password Security
        • Using a Keyboard Tracking Tool to Gather Logon Information
      • Physically Accessing an IIS Server
        • Touring a Facility
        • Visiting the Facility
      • Defacing (Tagging) a Server
        • What's Required to Deface a Server
        • Using FrontPage to Modify WWW Information
        • Using FTP to Modify WWW Information
        • Using WebDAV to Modify WWW Information
      • Causing Server Congestion
        • What's Required to Cause Server Congestion
        • Scripting Continuous Client Sessions
        • Crashing a Web Server
        • Stealing Information off a Server
      • Summary
    7. Protecting Web Services
      • How Secure Can You Make Your Web Services
      • Step 1: Security Updates for IIS
        • Service Pack Updates
        • Security Bulletins
        • Using the Windows 2000 IIS 5.0 Hotfix Checking Tool
      • Step 2: Who Needs Access to Your Web Server?
        • Putting Your Web Server Inside Your Firewall
        • Putting Externally Accessed Web Servers Inside the Firewall
        • Putting Your Web Server in a DMZ
        • Hosting Your Web Services at a Different Location
      • Step 3: From Whom Are You Trying to Protect Your Server?
        • Hobbyist Hacker
        • Disgruntled Employee or Customer
        • Competitor
        • Professional Thief
      • Step 4: What Are You Trying to Protect
        • General Windows 2000 Server Hardening Practices
        • General IIS Server Hardening Practices
        • Using Built-In Utilities to Configure Security
        • Another Approach to Locking Down a Web Server
        • Enable Only Desired Web Services
      • Step 5: Where Are Your Vulnerabilities
        • Vulnerabilities When Your Web Server Is Inside Your Firewall
        • Vulnerabilities When Your Web Server Is Hosted Elsewhere
      • Step 6: How to Test for Vulnerability
      • Step 7: Monitoring and Logging Server Activities
      • Summary
    8. Protecting Other Internet Services
      • Overview and Goals
      • General Planning for Secure Systems
      • Hardening the Windows 2000 Operating System
        • Bindings, Network Adapters, and Protocols
        • Tips for Securing the Operating System
        • Tools for hardening the Operating System
      • Securing FTP Services
        • Installing the FTP Server
        • Tips for Securing FTP Services
      • Securing SMTP Services
        • E-mail-Born Viruses and Trojans
        • Unsolicited E-mail (SPAM)
        • Abuse of Content
        • Denial of Service
      • Protecting Windows 2000 DNS Servers
        • DNS Designs
        • Tips for Securing DNS Servers
      • Summary
    9. TCP Filtering and Firewalls
      • What Is a Firewall?
      • Types of Firewalls
        • Network-Level Firewalls: Packet Filters
        • Application-Proxy Firewalls/Application Gateways
      • IP Filtering
        • IP Security Policies Management (MMC)
      • Firewalls for Windows 2000 Enterprises
        • Check Point FireWall-1
        • Cisco Secure PIX Firewall
        • Galea Secured Networks, Inc.
        • Microsoft Internet Security and Acceleration (ISA) Server 2000
        • SecureWay Firewall
        • SonicWALL Pro-VX
      • Personal Firewalls
        • LockDown Millennium
        • Norton Personal Firewall
        • Sygate Personal Firewall
        • Tiny Personal Firewall
        • ZoneAlarm 2.1
      • Further Reading on Firewalls
      • Summary
    10. Denial of Service
      • Overview and Goals
      • Understanding Denial of Service Attacks
        • What Is the Purpose of Denial of Service Attacks?
        • Who and What Are Vulnerable to Denial of Service Attacks?
        • Who Commits Denial of Service Attacks?
        • Terminology
        • Modes of Attack
      • DOS Attacks and Prevention
        • Ping of Death
        • Teardrop
        • SYN Flooding and Land Attacks
        • SMURF Attacks
        • UDP Flood
      • Infamous Denial of Service Attacks
        • Distributed Denial of Service Attack Tools
        • The First-Known Distributed Denial of Service Attack
        • Taking out the Internet Economy Institutions
        • Microsoft gets Attacked
      • Protecting Windows 2000 Networks against Denial of Service Attacks
        • Use Firewalls
        • Harden Servers Accessible to the Public
        • Keep Current on Security Bulletins
        • Apply Patches
        • Monitor Resources
        • Use Redundant Systems
      • Summary
    11. Spoofing
      • General IP Spoofing Attack Concepts
        • How Does an Intruder Capture Packets From the Network?
      • TCP SYN Flooding and IP Spoofing Attacks
        • What Happens During This Type of Attack?
        • Reducing IP Spoofed Packets by Filtering
      • Other Types of Spoofing Attacks
      • ARP Spoofing
        • Preventive Measures Against ARP Spoofing
      • DNS Spoofing
        • Preventive Measures Against DNS Spoofing
      • Web Spoofing
        • The Attack
        • How the Attacker Hides the Attack from His Victim
        • The Impact of Web Spoofing on the Victim
      • Lower the Vulnerability of Your Web Site
      • Registry Settings to Help Protect Your Network
      • Further Reading on Spoofing
      • Summary
  4. Privacy and Encryption in a Windows 2000 Environment
    1. Privacy and Encryption in a Windows 2000 Environment
      • Basic Privacy Protection Concepts
        • Human Intelligence
        • Network Intelligence
        • IP Address and Cache Snooping
      • Cryptography Primer
      • Components of Cryptography
        • Message Digest Functions
        • Digital Signatures
        • Encryption Algorithms
        • Secret Key Exchange
      • Introduction to Public Key Infrastructure (PKI)
        • Certification Authorities (CA)
        • Managing Certificates
        • CryptoAPI
        • Smart Card Authentication
        • The Encrypted File System (EFS)
      • Risk Factors to Consider for Windows 2000 Cryptography Features
      • Further Reading on PKI and Cryptography
      • Summary
    2. IPSec
      • Peeping Tom or Protocol Snooping
        • The Scenario
        • Cast the Net
        • Simple FTP Session
        • Haul in the Net
        • The Catch
        • So, How Bad Can That Be?
      • Privacy, Please!
        • Setting up the Defenses
        • Cast the Net, Again
        • Simple FTP Session
        • Haul in the Net, Again
        • The Catch (Maybe Not!)
      • How Did We Do That?
        • Protecting IP Traffic
        • What Is IPSec?
        • IPSec Features
        • Pre-Configured IPSec policies
        • There's No Free Lunch!
        • Offloading IPSec Processing
      • The Technical Details
        • AH and ESP Protocols
        • Integrity: Hash Functions
        • Confidentiality: Encryption Algorithm
        • IP Filter Lists
        • Filter Actions
        • Rules
        • Authentication Methods
        • Pre-Shared Keys
        • Transport Versus Tunnel Modes
        • Connection Types
        • Negotiating an IPSec Security Association
        • Protocols Not Protected by IPSEC
        • IPSec and Firewalls
      • IPSec Tools
        • IP Security Monitor
        • Network Connectivity Tester
        • Oakley Logging
      • Request for Comments
      • Summary
    3. Virtual Private Networking
      • Why Not Call In?
        • Users on the Move
        • Virtual Private Network
      • Setting Up the VPN
        • Setting Up the Server
        • Setting Up the Client
        • Connect!
        • Verifying the Connection
      • Technical Details
        • VPN — Private?
        • Encapsulation
        • Data Encryption
        • Authentication
        • Internal Address and Name Integration
        • Point-to-Point Tunneling Protocol
        • Layer Two Tunneling protocol
        • L2TP Versus PPTP
        • VPN Versus Terminal Services
        • Getting Through the Firewall
      • Request for Comments
      • Summary
  5. Maintaining Windows 2000 Server Security
    1. Log Monitoring and Analysis
      • What Is Logging, Exactly?
      • Default Logging Support in Windows 2000
        • The Event Viewer
        • Application Log
        • The Security Log
        • System Log
      • FTP Server Logs
        • FTP Log Configuration and Customization
      • IIS Web Server Logs
      • The Performance Logs and Alerts Tool
        • Setting Counters
        • Watching Counters in Action
        • Configuring Counter and Trace Log Behavior and Output
      • Summary
    2. Intrusion Detection
      • Types of Intrusion Detection Systems
        • Host-Based Intrusion Detection
        • Network-Based Intrusion Detection
      • Detection Methods Used by Intrusion Detection Systems
        • Statistical Anomaly Detection
        • Rule-Based Anomaly Detection
        • Rule-Based Penetration Identification
        • Flaws in Intrusion Detection Methods
      • Common Threats to Networks and Systems
        • Attacks from an Inside Source
        • Kernel Attacks
        • Operating and Application Security Flaws
        • Password Sniffing
        • Denial of Service Attacks
        • Reconnaissance Scans
      • Intrusion Detection Tools
        • BlackICE Defender
        • Cisco Secure Intrusion Detection System (formerly NetRanger)
        • CyberCop Monitor
        • Dragon Intrusion Detection System
        • ICEpac Security Suite
        • manhunt
        • NetProwler
        • NFR Network Intrusion Detection (NFR NID)
        • RealSecure
      • Methods of Evading an Intrusion Detection System
        • Slow Scans
        • Fragmenting Attack Packets
        • Signature Changes
        • Actions Performed over Time
      • Methods of Defeating an Intrusion Detection System
        • Flooding the Network
        • Denial of Service Attacks
        • Decoy Scamming
      • How to Select an Intrusion Detection System
      • Further Reading on Intrusion Detection
      • Honeypots
        • The Advantages and Disadvantages of Running a Honeypot System
        • Honeypot Systems
        • Further Reading on Honeypots
      • Summary
    3. Backups and Disaster Recovery
      • Planning a Backup Strategy
        • Hardware Standardization
        • Software Standardization
      • Backup and Restore Permissions
      • Choosing Your Backup Tools
      • Microsoft Windows Backup
        • Windows 2000 System State Data Backup and Restores
        • Backup Options
      • Backing Up Your Data
      • mtfcheck: Verifying Backup Tapes from Scripts
      • regback: Registry Backup
        • regback: Options and Arguments
      • regrest: Restoring Registry regback Backups
      • More Backup Strategies
      • Summary

Reviews

Maximum Windows 2000 Security

Reviewed by Roland Buresund

Excrement * (1 out of 10)

Last modified: May 21, 2007, 3:12 a.m.

Reminds me of W2K: could have been good, but misses the target. What is even more irritating is that they have invented an anonymous co-author that is a "convicted and reformed hacker". Said hacker hasn't written anything except a poem and an acknowledgement in the beginning of the book, so we can easily conclude that it is only a sales gimmick for the sad geeks out there that think that hiring a thief is the right way to burglar insure your house (morons DO exist).

Also, there is supposed to exist a CD (it doesn't exist) and a web site for further reference and updates (it doesn't exist).

This is pure crap, buy something else.
