HACKING EXPOSED WINDOWS(R) SERVER 2003 - Softcover

About the Authors

Joel Scambray, CISSP, is Managing Principal with Citigal as well as Co-Founder of Consciere LLC. He was previously chief strategy officer for Leviathan Security Group. He has assisted companies ranging from newly minted startups to members of the Fortune 50 in addressing information security challenges and opportunities for over a dozen years. Joel's background includes roles as an executive, technical consultant, and entrepreneur. He was a senior director at Microsoft Corporation, where he led Microsoft's online services security efforts for three years before joining the Windows platform and services division to focus on security technology architecture. Joel also co-founded security software and services startup Foundstone, Inc. He has also held positions as a Manager for Ernst & Young, Chief Strategy Officer for Leviathan, security columnist for Microsoft TechNet, Editor at Large for InfoWorld Magazine, and director of IT for a major commercial real estate firm. Joel has spoken widely on information security at forums including Black Hat, I-4, and The Asia Europe Meeting (ASEM), as well as organizations including CERT, CSI, ISSA, ISACA, SANS, private corporations, and government agencies such as the Korean Information Security Agency (KISA), FBI, and the RCMP. Joel Scambray is the co-author of all 6 editions of Hacking Exposed. He is also the lead author of Hacking Exposed Windows and Hacking Exposed Web Applications.

Stuart McClure, CNE, CCSE, Global CTO for McAfee/Intel, is responsible for a nearly $3B consumer and corporate security products business. During his tenure at McAfee, Stuart has also held the General Manager position for the Security Management Business for McAfee/Intel, which enabled all McAfee corporate security products to be operationalized, managed, and measured. Alongside those roles, Stuart has also run an elite team of good guy hackers inside McAfee called TRACE that discovered new vulnerabilities and emerging threats. Previously, Stuart helped run security at the largest healthcare company in the U.S., Kaiser Permanente. In 1999, Stuart was also the original founder of Foundstone, Inc., a global consulting and products company, which was acquired by McAfee in 2004. Stuart is the lead author and original founder of the Hacking Exposed series of books and has been hacking for the good guys for over 25 years. Widely recognized and asked to present his extensive and in-depth knowledge of hacking and exploitation techniques, Stuart is considered one of the industrys leading authorities on information security risk today. A well-published and acclaimed security visionary, McClure brings a wealth of technical and executive leadership with a profound understanding of both the threat landscape and the operational and financial risk requirements to be successful in todays world. Stuart is often quoted in most all mainstream news outlets.

From the Back Cover

"The end-all of hacking.... A must-read if you want to secure your networks." W2Knews

Plug the holes in your Windows infrastructure by seeing it through the eyes of the attacker

Protect your Windows Server 2003 systems from the latest widespread and devastating attacks the tried-and-true Hacking Exposed way. You'll learn, step-by-step, how intruders locate targets, gain super-user access, and ransack compromised networks. Fully updated chapters detail all-new Windows Server 2003 footprinting and scanning methods, IIS6 security flaws, buffer overflow exploits, Terminal Services hacks, and DoS/DDoS vulnerabilities. Real-world cases and code examples demonstrate the most current dangers and spell out countermeasures to stonewall malicious intruders every time.

New and Updated Material:

-All-new Windows footprinting and scanning tools and techniques
-NetBIOS, MSRPC, SMB, DNS, SNMP, and Active Directory enumeration protection
-Updated exploits of Windows-specific services, including the MSRPC interface vulnerability that led to the Blaster worm, SQL Slammer, and eavesdropping attacks on Kerberos
-Details on the new IIS6 security architecture, URLScan, Microsoft Web services source code disclosure exploits, and HTR chunked encoding exploits
-All-new Terminal Services information including new password guessing, privilege escalation, and eavesdropping countermeasures
-New client-side exploits using popular multimedia file formats, and strong new countermeasures using Internet Explorer Enhanced Security Configuration
-The latest countermeasures for Denial of Service (DoS) attacks including bogon filtering and sink holes
-New security features such as Internet Connection Firewall, software restriction policies, and updates to IPSec

About the Authors:

Joel Scambray is Senior Director of Security for Microsoft's MSN and Stuart McClure is President/CTO of Foundstone, Inc., an enterprise security products company. They are co-authors of four editions of Hacking Exposed as well as Hacking Exposed Windows 2000.