Get comprehensive coverage of XP Professional security with this definitive and focused resource. Work with firewalls and intrusion detection systems, fully utilize XP's built-in support tools, manage security remotely, and much more.
This book is the operators manual for Windows XP security--dont boot up without it. --Joel Scambray, Senior Director of Security, Microsoft MSN, and best-selling author of Hacking Exposed, Hacking Exposed Windows 2000, and Hacking Exposed Web Applications
The authors clearly demonstrate a masters understanding of the Windows operating system that is certain to make this a must-have book. --Stephen Northern SANS Institute
Get comprehensive security coverage of Windows XP Professional--the most security-focused Microsoft OS yet--from this definitive resource. Learn how default security has been strengthened and how familiar security features from Windows 2000 have been completely reworked, including options to restrict anonymous access, redefine the Everyone group, force Guest network logons, utilize blank password restrictions, and much more. Also, the new and enhanced security features of Windows XP, including Software Restriction Policies, Internet Connection Firewall, Group Policy, and wireless networking are covered in detail. This comprehensive reference will be invaluable in your daily work with Microsofts newest security technologies. Dont miss this chance to fully understand Windows XP security in a Windows 2000 or Windows .NET domain.
Configure security policies effectively
Manage GPOs in mixed Windows XP and Windows 2000 environments
Uncover the registry inside and out with need-to-know security lockdowns and hacks
Utilize new EFS features with learned best security practices
Overcome wireless threats using IPSec and 801.1x practical solutions
Understand how the .NET Framework implements policies across managed code
Work with Active Directory, Group Policies, and IPSec using the new features available in Windows XP and Windows .NET
Reveal powerful new Software Restriction Policies in action using practical examples
Prevent DoS attacks through firewall best practices and the new ICF and ICS
Get problem-solving techniques and methodologies for penetration testing and incident response
ART I: Securing the OS
Ch. 1: Configuring Security Policies
Ch. 2: Hacking the Windows XP Registry
Ch. 3: FileSystem Security
Ch. 4: Additional Security Configurations
Ch. 5: User/Group Management
Ch. 6: Authentication Protocols
PART II: Network Security
Ch. 7: IPSec and VPNs
Ch. 8: Firewalls and Intrusion Detection
Ch. 9: Wireless Networking Defenses
PART III: Windows.NET Active Directory, Framework & Application Security
Ch. 10: Windows.NET Domains and Active Directory
Ch. 11: Windows.NET Framework for Administration
Ch. 12: IIS, Exchange, and SQL Server
PART IV: Managing Security Remotely with Useful Tools and Scripting Technologies
Ch. 13: Remote Administration
Ch. 14: Keeping Your Network Secure/Up to Date with Tools
Ch. 15: WSH, VBScripting, ADSI and WMI for Security
Ch. 16: Penetration Tests and Vulnerability Assessments
Ch. 17: Incident Response and Disaster Recovery
PART VII: Appendices
Appendix A: The Future of Windows: Longhorn & Blackcomb
Appendix B: Useful Web sites and Resources
Gary Bahadur co-founder and Chief Information Officer of Foundstone Inc (http://www.foundstone.com), has been providing security consulting and training services to Foundstones clients for the past two years and implements the technical infrastructure necessary provide services to Foundstones clients. Prior to starting Foundstone with his partners, Mr. Bahadur performed security consulting and training services for Fortune 500 companies for Price Waterhouse and Ernst & Young.
Mr. Bahadur has been involved with numerous ethical hacking tests and network reviews covering various firewalls, UNIX, Windows NT, Novell networks, Web servers, Internet connectivity and SAP security during the past 7 years. Mr. Bahadur has helped develop the methodologies for network security reviews and security classes. He is a frequent speaker at security conferences and writes for a number of security related publications including Information Security Magazine and SysAdmin Magazine. Mr. Bahadur holds a Bachelor of Science degree in Information Systems / Finance from New York University and is a Certified Information Systems Security Professional (CISSP).
Chris Weber is a Security Consultant at Foundstone, Mr. Weber is adept in many facets of Information Technology and secure network computing. He has performed numerous ethical hacking tests, security architecture reviews, and secure application analyses. Prior to Foundstone, Mr. Weber worked for VisionAir, performing enterprise network assessments and mission critical system implementations for some of the largest Police and Sheriff departments in the USA.
Mr. Webers public work includes course development and advisory board membership at the SANS Institute. He has also been a security tutorial honoraria speaker at the USENIX 10th Annual Security Symposium in 2001, and a co-instructor at Computer Security Institutes 2001 Network Security conference in New Orleans.