Book: Securing Windows Server 2003

Windows Server 2003 is in use by thousands and thousands of businesses around the world but the scary thing is that hackers know that there are many ways to break into Windows Servers and attack your network.
Microsoft Windows Server 2003 is more than just a thoroughly modern PC-based server operating system. The product arrives loaded with a host of user and network services used by customers whose installations range from departmental servers to global enterprise networks. Unfortunately, each service has its own vulnerabilities. It’s no
wonder that security is of foremost concern to most system administrators.
It is so important that you educate yourself so that you can ensure you are on top of the best ways to secure your network.
Mike Danseglio’s book, published by O’Rely, “Securing Windows Server 2003” can provide you with an thorough but concise hands-on advice in how to best secure your network.
“Without security, any user or program could do anything to your servers–and wreak havoc on your ability to effectively manage the environment.” A security administrator wants to provide functionality and security to users without burdening them or restricting them in a way that hinders their work. “This is the mark of a
great security administrator,” says Danseglio. “The ability to successfully balance the security of proprietary and personal data and the usability of your system in a way that maximizes the productivity of your organization.”
The book provides readers with a concise overview of each service in
Windows Server 2003, its most common patterns of use, and specific
guidelines for making it secure. A unique feature of “Securing Windows
Server 2003″ is the Security Showdown technique the author uses to present
different approaches to security questions. “This is a point-counterpoint
debate between myself and a semi-fictional coworker, Don. I use it several
times throughout the book to show that some debates about security
methodologies and techniques are not easily answered. Some of them are so
contentious that they seem like religious debates at times,” explains
“You should understand that security-focused individuals tend to have opinions about security and that they like to argue with people who hold different values,” he continues. “These are good-natured and often help explain both positions. So please read these sections as I’ve intended, as an open discussion of the merits and hazards of multiple tactics to achieve the same goal.”
The book provides full coverage of the following topics:
-Understanding the capabilities of the Windows Server 2003 system
-Learning the basics of security, from encryption to account password protection
-Derailing low-tech intrusions by making systems physically secure and by using smart cards
-Securing Active Directory and using Group Policy and Security Templates as security tools
-Securing the core Windows Server 2003 networking services, including DNS,DHCP, IIS, IPSec, and remote access
-Using Windows Server 2003 authentication and authorization protocols, including Kerberos, PKI-based cryptography, and certification-based cryptography
-Solving the knotty problems of patch and update management, and implementing administrative security and auditing
-Stopping bad programs from running on your server