| |
| |
Preface | |
| |
| |
| |
Introduction to Windows .NET Security | |
| |
| |
| |
Introduction | |
| |
| |
War Driving | |
| |
| |
Who Should Read This Book? | |
| |
| |
Why Should I Read This Book? | |
| |
| |
What Are the Advantages of This Book? | |
| |
| |
How Will This Book Help Me? | |
| |
| |
Acknowledgments | |
| |
| |
| |
What's Different in Windows .NET Security | |
| |
| |
Overview | |
| |
| |
Microsoft Security Initiatives | |
| |
| |
Microsoft Hacker Partnership | |
| |
| |
Controlled Network Access | |
| |
| |
Blank Password Restriction | |
| |
| |
Encrypting File System and Offline Files | |
| |
| |
Remote Desktop | |
| |
| |
Remote Assistance | |
| |
| |
Internet Connection Sharing | |
| |
| |
Internet Connection Firewall | |
| |
| |
Location-Aware Networking | |
| |
| |
Smart Card Support | |
| |
| |
Windows .NET Wireless Security | |
| |
| |
New Windows .NET Server Wireless Features | |
| |
| |
Summary | |
| |
| |
| |
Securing Windows .NET Remote Administration | |
| |
| |
| |
Securing the Remote Desktop | |
| |
| |
Overview | |
| |
| |
Requirements | |
| |
| |
Installation and Setup of the Default Remote Desktop Connection | |
| |
| |
Installation, Setup, and Creation of the Remote Desktop Web Connection | |
| |
| |
Breaking the Remote Desktop Connection | |
| |
| |
Security Issues with the Remote Desktop Connection | |
| |
| |
Troubleshooting the Remote Desktop Connection | |
| |
| |
Summary | |
| |
| |
| |
Securing Remote Assistance | |
| |
| |
Overview | |
| |
| |
Requirements for Remote Assistance | |
| |
| |
Using Remote Assistance | |
| |
| |
Remote Assistance and Security Issues | |
| |
| |
Troubleshooting Remote Assistance | |
| |
| |
Summary | |
| |
| |
| |
Windows .NET Client Security: Protecting Windows XP | |
| |
| |
Spotlight: The "Raw Sockets" Controversy | |
| |
| |
Introduction | |
| |
| |
What Are Raw Sockets? | |
| |
| |
What Does Windows XP Have to Do with Raw Sockets? | |
| |
| |
Is the Threat Real? | |
| |
| |
Summary | |
| |
| |
Frequently Asked Questions | |
| |
| |
| |
The Internet Connection Firewall | |
| |
| |
Overview | |
| |
| |
Firewall Review | |
| |
| |
Enabling and Disabling the ICF | |
| |
| |
Services Options | |
| |
| |
Programs Options | |
| |
| |
Security Logging Options | |
| |
| |
ICMP Options | |
| |
| |
Internet Connection Sharing | |
| |
| |
Network Bridging | |
| |
| |
Summary | |
| |
| |
| |
Wireless Security | |
| |
| |
Overview | |
| |
| |
Advantages of Wireless Networking | |
| |
| |
802.11 and 802.1x Authentication | |
| |
| |
Setting Up and Automatic Wireless Network | |
| |
| |
Set Up 802.1x Authentication | |
| |
| |
Connecting to Wireless Networks | |
| |
| |
Summary | |
| |
| |
| |
Configuring Windows .NET Server Security | |
| |
| |
| |
Kerberos Authentication | |
| |
| |
Overview | |
| |
| |
Kerberos Authentication | |
| |
| |
Changing Kerberos Default Policies | |
| |
| |
Kerberos Security Environment | |
| |
| |
Kerberos Constants and Ticket Flags | |
| |
| |
Interoperability with Other Kerberos Implementations | |
| |
| |
Public Key Cryptography and Kerberos | |
| |
| |
Summary | |
| |
| |
| |
Encrypting File System | |
| |
| |
Overview | |
| |
| |
Data Recovery | |
| |
| |
Recovering Encrypted Files | |
| |
| |
Using Cipher.exe | |
| |
| |
Components of the EFS Architecture | |
| |
| |
Encryption Examples | |
| |
| |
Encrypting Offline Files | |
| |
| |
Summary | |
| |
| |
| |
Public Key Infrastructure | |
| |
| |
Overview | |
| |
| |
Benefits of Windows .NET PKI | |
| |
| |
Certificate Authorities | |
| |
| |
X.509 Certificate Standard | |
| |
| |
Deploying a Certification Authority | |
| |
| |
Renewing CA Certificates | |
| |
| |
Certificate Store | |
| |
| |
Certificate Services Backup and Recovery | |
| |
| |
Summary | |
| |
| |
| |
Smart Cards | |
| |
| |
Introduction | |
| |
| |
Deploying Smart Cards | |
| |
| |
Smart Card Policies | |
| |
| |
Personal Identification Numbers | |
| |
| |
Windows .NET-Certified Readers | |
| |
| |
Smart Card Reader Design | |
| |
| |
Configuring the Smart Card Reader | |
| |
| |
Smart Card Certificates | |
| |
| |
Summary | |
| |
| |
| |
Designing Secure Virtual Private Networks (VPN) | |
| |
| |
Overview | |
| |
| |
Background | |
| |
| |
VPN Protocols | |
| |
| |
Configuring the VPN Server | |
| |
| |
Configuring the VPN Client | |
| |
| |
New RADIUS Features in Windows .NET Server | |
| |
| |
Configuring a RADIUS Server | |
| |
| |
Summary | |
| |
| |
| |
Security Configuration Tool Set | |
| |
| |
Overview | |
| |
| |
Security Configuration and Analysis Snap-in | |
| |
| |
Secedit.exe | |
| |
| |
Security Setting Extensions to Group Policy | |
| |
| |
Security Templates Snap-in | |
| |
| |
Predefined Security Templates | |
| |
| |
Summary | |
| |
| |
| |
Configuring Windows .NET Internet Security | |
| |
| |
| |
Securing Internet Information Server | |
| |
| |
Overview | |
| |
| |
Installation | |
| |
| |
WWW Service | |
| |
| |
FTP Service | |
| |
| |
Exploit Scanners | |
| |
| |
Summary | |
| |
| |
| |
Configuring IP Security | |
| |
| |
Overview | |
| |
| |
Using the IPSec Snap-in | |
| |
| |
Configuring IPSec | |
| |
| |
Enabling Audit Policy | |
| |
| |
Using Network Monitor with IPSec | |
| |
| |
IPSec Statistics | |
| |
| |
Establishing an IPSec Security Plan | |
| |
| |
Ipseccmd.exe | |
| |
| |
Summary | |
| |
| |
| |
How to Beat Bugtraq by Seven Days | |
| |
| |
Overview | |
| |
| |
Cloaking Your Identity | |
| |
| |
Anonymous Proxies | |
| |
| |
Configuring Anonymous Browsing | |
| |
| |
Configuring IRC for Anonymity | |
| |
| |
Counterintelligence | |
| |
| |
Summary | |
| |
| |
| |
Suggested Reading | |
| |
| |
On the Web | |
| |
| |
Books | |
| |
| |
Index | |