- ホーム
- > 洋書
- > 英文書
- > Computer / General
Full Description
Windows NT and Windows 2000 systems have emerged as viable platforms for Internet servers. More and more organizations entrust the full spectrum of business activities - including e-commerce - to Windows. Unfortunately, the typical Windows NT/2000 installation makes a Windows server an easy target for attacks, and configuring Windows for secure Internet use is a complex task. "Securing Windows NT/2000 Servers for the Internet" suggests a two-part strategy to accomplish the task: "Hardening" any Windows server that could potentially be exposed to attacks from the Internet, so the exposed system (known as a "bastion host") is as secure as it can be; and providing extra security protection for exposed systems by installing an additional network (known as a "perimeter network") that separates the Internet from an organization's internal networks. The text provides a guide that pares down installation and configuration instructions into a series of checklists aimed at Windows administrators.Topics include: introduction - Windows NT/2000 security threats, architecture of the Windows NT/2000 operating system and typical perimeter networks; how to build a Windows NT bastion host; configuring Windows and network services, encrypting the password database, editing the registry, setting system policy characteristics, performing TCP/IP configuration, configuring administrative tools, and setting necessary permissions; differences between Windows NT and Windows 2000 security including IPSec (IP Security Protocol) configuration.; secure remote administration - SSH, OpenSSH, TCP Wrappers, the Virtual Network Console, and the new Windows 2000 Terminal Services; and Windows NT/2000 backup, recovery, auditing, and monitoring - event logs, the audit policy, time synchronization with NTP (Network Time Protocol), remote logging, integrity checking, and intrusion detection.
Contents
Part 1 Windows NT/2000 SecuritySite on the Internet; The Windows NT/2000 Architectures; Windows NT/2000 in the Perimeter Network; Cryptography Basics. Part 2 Building a Windows NT Bastion Host: Installation; Using the Security Configuration Editor; Basic Configuration; Advanced Configuration; Setting System Policies; TCP/IP Configuration; Configuring Administrative Tools and Utilities; Setting Permissions. Part 3 Building a Windows 2000 Bastion Host: Differences Between the Systems; IPSec in Windows 2000; Part 4 Setting Up Secure Remote Administration: Symantec pcAnywhere; Windows 2000 Terminal Services; Open Source (SSH, Cygwin, TCP Wrappers, and VNC). Part 5 Backing Up and Restoring Your Bastion Host: Defining Your Backup Policy; Backup Methods; Types of Backups; Backup Software. Part 6 Auditing and Monitoring Your Perimeter Network: System Auditing in Windows; Time Synchronization Using NTP; Remote Logging and Log Management; Integrity Checking; Network-Based Intrusion Detection Systems. Part 7 Maintaining Your Perimeter Network: Setting Up Policies and Procedures; Performing Third-Party Audits; Staying Informed. Appendices: Well-Known Ports Used by Windows NT/2000; Security-Related Knowledge Base Articles; Build Instructions for OpenSSH on Cygwin.
