HackNotes Windows Security Portable Reference

Free Download

Authors:

Edition: 1

ISBN: 9780072227857, 0-07-222785-0

Size: 5 MB (5036250 bytes)

Pages: 289/289

File format:

Language:

Publishing Year:

Category:

Michael O’Dea9780072227857, 0-07-222785-0

HackNotes Windows Security Portable Reference covers very interesting and pertinent topics, especially ones such as common ports and services, NetBIOS name table definitions, and other very specific areas that are essential to understand if one is to genuinely comprehend how Windows systems are attacked. Author Michael O’Dea covers not only well-known but also more mobscure (but nevertheless potentially dangerous) attacks. Above all else, he writes in a very clear, well-organized, and concise style-a style that very few technical books can match.

Table of contents :
Team DDU……Page 1
CONTENTS……Page 6
Acknowledgments……Page 10
HackNotes: The Series……Page 12
Introduction……Page 14
Reference Center……Page 16
Hacking Fundamentals: Concepts……Page 17
ICMP Message Types……Page 20
Common Ports and Services……Page 22
Common NetBIOS Name Table Definitions……Page 27
Windows Security Fundamentals: Concepts……Page 28
Windows Default User Accounts……Page 29
Windows Authentication Methods……Page 30
Common Security Identifiers (SIDs)……Page 31
Windows NT File System Permissions……Page 32
Useful Character Encodings……Page 33
Testing for Internet Information Services ISAPI Applications……Page 36
Security Related Group Policy Settings……Page 37
Useful Tools……Page 41
Quick Command Lines……Page 43
WinPcap / libpcap Filter Reference……Page 44
nslookup Command Reference……Page 45
Microsoft Management Console……Page 46
Online References……Page 47
Part I Hacking Fundamentals……Page 48
■ 1 Footprinting: Knowing Where to Look……Page 50
Footprinting Using DNS……Page 51
Footprinting Using Public Network Information……Page 57
Summary……Page 59
■ 2 Scanning: Skulking About……Page 60
How Port Scanning Works……Page 61
Port Scanning Utilities……Page 68
Summary……Page 77
■ 3 Enumeration: Social Engineering, Network Style……Page 78
Enumeration Overview……Page 79
DNS Enumeration (TCP/53, UDP/53)……Page 82
NetBIOS over TCP/IP Helpers (UDP/137,UDP 138, TCP/139, and TCP/445)……Page 84
Summary……Page 95
■ 4 Packet Sniffing: The Ultimate Authority……Page 96
Windows Packet Sniffing……Page 97
Summary……Page 104
■ 5 Fundamentals of Windows Security……Page 106
Security Operators: Users and User Contexts……Page 107
Authentication……Page 113
Windows Security Providers……Page 116
Active Directory and Domains……Page 117
Summary……Page 118
Part II Windows 2000 and 2003 Server Hacking Techniques & Defenses……Page 120
■ 6 Probing Common Windows Services……Page 122
Server Message Block Revisited……Page 123
Probing Microsoft SQL Server……Page 136
Microsoft Terminal Services /Remote Desktop (TCP 3389)……Page 140
Summary……Page 143
■ 7 Hacking Internet Information Services……Page 144
Simple HTTP Requests……Page 145
Speaking HTTP……Page 146
Delivering Advanced Exploits……Page 147
The Big Nasties: Command Execution……Page 149
A Kinder, Gentler Attack……Page 162
Summary……Page 164
Part III Windows Hardening……Page 166
■ 8 Understanding Windows Default Services……Page 168
Internet Information Services/World Wide Web Publishing Service……Page 169
The Rest of the Field……Page 170
Summary……Page 181
■ 9 Hardening Local User Permissions……Page 182
File System Permissions……Page 183
Local Security Settings……Page 193
Summary……Page 201
■ 10 Domain Security with Group Policies……Page 202
Group Policy Overview……Page 203
Working with Group Policies……Page 204
Working with Group Policies in Active Directory……Page 210
Editing Default Domain Policies……Page 211
Controlling Who Is Affected by Group Policies……Page 212
Using the Group Policy Management Console……Page 213
Summary……Page 215
■ 11 Patch and Update Management……Page 216
History of Windows Operating System Updates……Page 217
Automatic or Manual?……Page 218
How to Update Windows Manually……Page 219
Windows Update: What’s in a Name?……Page 220
How to Update Windows Automatically……Page 221
Verifying Patch Levels: The Baseline Security Analyzer……Page 224
Summary……Page 226
Part IV Windows Security Tools……Page 228
■ 12 IP Security Policies……Page 230
IP Security Overview……Page 231
Working with IPSec Policies……Page 232
Default Policies: Quick and Easy……Page 233
Advanced IPSec Policies……Page 238
Summary……Page 244
■ 13 Encrypting File System……Page 246
Public Key Cryptography and EFS……Page 247
User Encryption Certificates……Page 248
Implementing EFS……Page 249
Adding Data Recovery Agents……Page 250
Configuring Auto-Enroll User Certificates……Page 252
Setting Up Certificate Server……Page 253
Using Encrypting File System……Page 256
Summary……Page 259
■ 14 Securing IIS 5.0……Page 260
Simplifying Security……Page 261
The IIS Lockdown Tool……Page 262
How the IIS Lockdown Tool Works……Page 264
URLScan ISAPI Filter Application……Page 265
Disabling URLScan……Page 267
IIS Metabase Editor……Page 268
Summary……Page 269
■ 15 Windows 2003 Security Advancements……Page 270
Internet Information Services 6.0……Page 271
More Default Security……Page 274
Improved Security Facilities……Page 279
Summary……Page 280
■ Index……Page 282

Reviews

There are no reviews yet.

Be the first to review “HackNotes Windows Security Portable Reference”
Shopping Cart
Scroll to Top