Hacking Exposed Windows 2000: Network Security Secrets and Solutions - Softcover

About the Authors

Joel Scambray, CISSP, is Managing Principal with Citigal as well as Co-Founder of Consciere LLC. He was previously chief strategy officer for Leviathan Security Group. He has assisted companies ranging from newly minted startups to members of the Fortune 50 in addressing information security challenges and opportunities for over a dozen years. Joel's background includes roles as an executive, technical consultant, and entrepreneur. He was a senior director at Microsoft Corporation, where he led Microsoft's online services security efforts for three years before joining the Windows platform and services division to focus on security technology architecture. Joel also co-founded security software and services startup Foundstone, Inc. He has also held positions as a Manager for Ernst & Young, Chief Strategy Officer for Leviathan, security columnist for Microsoft TechNet, Editor at Large for InfoWorld Magazine, and director of IT for a major commercial real estate firm. Joel has spoken widely on information security at forums including Black Hat, I-4, and The Asia Europe Meeting (ASEM), as well as organizations including CERT, CSI, ISSA, ISACA, SANS, private corporations, and government agencies such as the Korean Information Security Agency (KISA), FBI, and the RCMP. Joel Scambray is the co-author of all 6 editions of Hacking Exposed. He is also the lead author of Hacking Exposed Windows and Hacking Exposed Web Applications.

Stuart McClure, CNE, CCSE, Global CTO for McAfee/Intel, is responsible for a nearly $3B consumer and corporate security products business. During his tenure at McAfee, Stuart has also held the General Manager position for the Security Management Business for McAfee/Intel, which enabled all McAfee corporate security products to be operationalized, managed, and measured. Alongside those roles, Stuart has also run an elite team of good guy hackers inside McAfee called TRACE that discovered new vulnerabilities and emerging threats. Previously, Stuart helped run security at the largest healthcare company in the U.S., Kaiser Permanente. In 1999, Stuart was also the original founder of Foundstone, Inc., a global consulting and products company, which was acquired by McAfee in 2004. Stuart is the lead author and original founder of the Hacking Exposed series of books and has been hacking for the good guys for over 25 years. Widely recognized and asked to present his extensive and in-depth knowledge of hacking and exploitation techniques, Stuart is considered one of the industrys leading authorities on information security risk today. A well-published and acclaimed security visionary, McClure brings a wealth of technical and executive leadership with a profound understanding of both the threat landscape and the operational and financial risk requirements to be successful in todays world. Stuart is often quoted in most all mainstream news outlets.

From the Back Cover

"Your all-access pass into the hacking elite." Timothy M. Mullen, CIO and Chief Software Architect, AnchorIS.com

Learn how to secure Windows 2000 from the hacker's perspective

Optimizing security and plugging the holes inherent in Windows 2000 networks is a daunting task and new vulnerabilities pop up every day. Break-ins, fraud, sabotage, and DoS downtime are constant realities in this target-rich environment. Hacking Exposed Windows 2000: Network Security Secrets ; Solutions will teach you, step-by-step, how to defend against the latest attacks by understanding how intruders enter and pilfer compromised networks. Renowned security experts and best-selling authors Joel Scambray and Stuart McClure provide examples of real-world hacks, from the mundane to the sophisticated, and detailed countermeasures to protect against them.

What You'll Learn:

-The proven Hacking Exposed methodology to locate, exploit, and patch vulnerable systems
-How attackers identify and exploit weaknesses in NetBIOS ; SMB (including how to bypass RestrictAnonymous and the latest SMB man-in-the-middle attacks!)
-How to implement and proactively prevent the newest IIS 5 hacks, including remote buffer overflow attacks, the Code Red Worm, file system traversal, and source code disclosure
-SQL and Terminal Server penetration and defense
-Bypassing Windows 2000 IPSec filters and defeating the Encrypting File System
-Using privilege escalation exploits to run code as SYSTEM
-Active Directory and SNMP exploitation
-How attackers extract password hashes, crack them, and install remote control back doors
-Insidious attacks against Internet Explorer and Outlook/Outlook Express that bypass most firewalls
-Debilitating Denial of Service attacks
-Valuable checklists and tips on hardening Windows 2000 based on the authors' consulting experiences
-How to use built-in Windows 2000 technologies like IPSec, Kerberos, Group Policy, Security Templates and Security Configuration and Analysis like the experts to keep you systems secure
-What the new generation of Windows portends for security, including analyses of Windows XP and Windows.NET Server, code named Whistler