"Securing Windows NT/2000 Servers for the Internet", Stefan Norberg,
2001, 1-56592-768-0, U$29.95/C$43.95
%A Stefan Norberg stefan@... http://people.hp.se/stnor
%C 103 Morris Street, Suite A, Sebastopol, CA 95472
%I O'Reilly & Associates, Inc.
%O U$29.95/C$43.95 800-998-9938 fax: 707-829-0104 nuts@...
%P 199 p.
%T "Securing Windows NT/2000 Servers for the Internet"
This book is based on the paper "Building a Windows NT bastion host in
practice," which is available on the author's Web site. The title of
the essay is much more accurate than the title of the text. The work
is concerned strictly with bastion hosts, and does not address, in
more than a nominal way, considerations of applications that are
necessarily part of any Internet server.
Chapter one takes a brief, scattered, and not very clear look at a
number of issues related to Windows and/or security. This disregard
for background information extends into chapter two. Having presented
an extensive list of services to turn off, Norberg tells us that "[you
now] understand the purpose of all active software components on the
host." The irony of this bald assertion stems from the fact that
there has been little discussion of why these services are to be
turned off, and what you lose along the way. (Further, for those new
to Windows NT or 2000, there is no indication of how to accomplish the
task of reduction.) Once we get into more advanced tuning there is
slightly more information, but not much. The material on the
differences in Win2K, contained in chapter three, does present a bit
more detail on how to accomplish the restrictions.
Chapter four describes a number of software tools that will encrypt
sessions to be used for remote administration, but does not deal with
system management itself. The standard advice you always read about
backups ("make one") is repeated in chapter five. Chapter six reviews
auditing and logging, with, for some unknown reason, four times as
much space devoted to network time synchronization as to intrusion
detection. "Maintaining Your Perimeter Network" is the title of
chapter seven, but it seems to be a return to the same kind of
catchall discussion that started the book.
In the Preface, Norberg does state that the book is not intended as a
primer for security, or even for Windows security. The text is
written as a kind of a checklist for those thoroughly familiar with NT
or 2K. There is, of course, nothing wrong with such an approach, and
those in the target audience will appreciate the brevity of this
concise guide. The approach does, however, severely limit the utility
of the work. Chapter two (and three, if you are using Win2K) is the
heart of the book, and the rest seems to be an attempt to expand the
text to more than pamphlet length.
copyright Robert M. Slade, 2001 BKSWN2SI.RVW 20010320
====================== (quote inserted randomly by Pegasus Mailer)
rslade@... rslade@... slade@... p1@...
Program testing can be used to show the presence of bugs, but
never to show their absence. - Edsger W. Dijkstra