Securing NT is difficult. While there are a handful of books that promise to tell you everything
you need to know, they have so far been disappointing. But with the publication of Securing
Windows NT/2000 Servers by Stefan Norberg, this is no longer true. Norberg explains simply
what the issues are and how to resolve the problems, and he offers his advice, based on
experience, on how best to tackle them.
Chapter 1 is especially good. Norberg gives you a broad overview of the security threats you
need to guard against, what you need to build a secure site, the design and security issues
facing NT and W2K (Norberg is quite critical of the design of NT), the problems you will face
putting NT/W2K servers on the Net, and the basics of cryptography. You won't be an expert
in anything after reading this chapter, but you will have a broad understanding of the issues
involved in securing a network, which will help you understand better the later, more detailed,
chapters.
Building an NT Bastion Host is the subject of Chapter 2. A bastion host is a very secure server
that provides a service to people on the Net. After reading this chapter you'll know everything
you need to know about building an NT bastion host and most everything you need to know
about doing the same for W2K. W2K is sufficiently similar to NT that most all of the base
steps are the same; however, there are some differences in W2K, and they are discussed in
Chapter 3.
Chapter 4 walks you through building a secure remote administration service for NT using
PCAnywhere, W2K Terminal Services, and open-source tools like SSH.
Chapter 5 is a very brief one, covering backup strategies for NT and W2K from a security
perspective.
Auditing your servers, synchronising the time, remote logging and log management, integrity
checking, and intrusion detection systems are the subject of Chapter 6. While it's short, it does
give you a basic understanding of the issues, how to go about them, and where to look for more
information.
The book ends with Chapter 7, Maintaining your Perimeter Network. Building your network is
the easy part. Maintaining your network to ensure that it remains secure while you add new
services and change existing ones is more difficult.
Appendix A summarises popular ports used by NT, W2K, and various Microsoft server
products like SQL Server and Exchange. It doesn't list ones used by Lotus Domino, for
example, which seems peculiar. Domino is sufficiently popular that more than one or two NT
sysadmins need to worry about it.
Appendix B lists all security-related Knowledge Base articles for NT and W2K. At least, ones
current at the time the book was printed.
After reading the book you'll know most everything you need to know about securing your
Microsoft-based network. It's a lot of work, as neither NT nor W2K is secure or nearly secure
out-of-the-box.
But this book is the best to date on the subject, and I cannot recommend it
highly enough.