Hacking Exposed Windows 2000: Network Security Secrets and Solutions - Softcover

With a revised Microsoft operating system comes a revised set of security holes and means of attacking them. Hacking Exposed: Windows 2000 presents a snapshot of known Windows 2000 security weaknesses and the tools that have been developed to exploit them, in turn enabling system operators to mount better defenses. This book builds on and contributes to the small but respected Hacking Exposed series, giving network administrators a detailed picture of the threats their Windows 2000 machines face--and all the motivation they should need to install the latest patches right away. Which points out a characteristic of this book: many of the problems it catalogues are known bugs that shouldn't be a problem if you've installed the latest fixes and have good password and privilege policies. The point: even with this book on your shelf, keep an eye on the security sites for news of emerging problems.

Joel Scambray and Stuart McClure have chosen to organise their book according to the steps involved in system compromise (identifying a target, gaining access and privileges, using or destroying the system and so on) as well as by area of vulnerability. In addition to well-written passages that explain general hacking strategies and concepts, the authors devote sections to software (meaning native Windows commands, tools that are part of the Windows NT/2000 Resource Kit, as well as external software). Sometimes, they'll just offer a description, but most of the time, the authors present a step-by-step guide to carrying out the exploit at hand. This is a valuable book that every Windows 2000 expert should read closely. --David Wall

Topics covered: How to break into a Windows 2000 system and, by extension, how to go about defending against attacks. Sections deal with tools for locating victim systems, gaining access to them, and either damaging them, overloading them, or using them as bases for further attacks. The authors also highlight the weaknesses in Windows 2000 services, including Internet Information Services (IIS) and Microsoft SQL Server.

"Your all-access pass into the hacking elite." Timothy M. Mullen, CIO and Chief Software Architect, AnchorIS.com

Learn how to secure Windows 2000 from the hacker's perspective

Optimizing security and plugging the holes inherent in Windows 2000 networks is a daunting task and new vulnerabilities pop up every day. Break-ins, fraud, sabotage, and DoS downtime are constant realities in this target-rich environment. Hacking Exposed Windows 2000: Network Security Secrets ; Solutions will teach you, step-by-step, how to defend against the latest attacks by understanding how intruders enter and pilfer compromised networks. Renowned security experts and best-selling authors Joel Scambray and Stuart McClure provide examples of real-world hacks, from the mundane to the sophisticated, and detailed countermeasures to protect against them.

What You'll Learn:

-The proven Hacking Exposed methodology to locate, exploit, and patch vulnerable systems
-How attackers identify and exploit weaknesses in NetBIOS ; SMB (including how to bypass RestrictAnonymous and the latest SMB man-in-the-middle attacks!)
-How to implement and proactively prevent the newest IIS 5 hacks, including remote buffer overflow attacks, the Code Red Worm, file system traversal, and source code disclosure
-SQL and Terminal Server penetration and defense
-Bypassing Windows 2000 IPSec filters and defeating the Encrypting File System
-Using privilege escalation exploits to run code as SYSTEM
-Active Directory and SNMP exploitation
-How attackers extract password hashes, crack them, and install remote control back doors
-Insidious attacks against Internet Explorer and Outlook/Outlook Express that bypass most firewalls
-Debilitating Denial of Service attacks
-Valuable checklists and tips on hardening Windows 2000 based on the authors' consulting experiences
-How to use built-in Windows 2000 technologies like IPSec, Kerberos, Group Policy, Security Templates and Security Configuration and Analysis like the experts to keep you systems secure
-What the new generation of Windows portends for security, including analyses of Windows XP and Windows.NET Server, code named Whistler