Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Windows Server 2003 Security", Blair Rampling

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKWS2K3S.RVW 20060815 Windows Server 2003 Security , Blair Rampling, 2003, 0-7645-4912-X, U$49.99/C$74.99/UK#34.95 %A Blair Rampling %C 5353 Dundas
    Message 1 of 1 , Sep 7, 2006
      BKWS2K3S.RVW 20060815

      "Windows Server 2003 Security", Blair Rampling, 2003, 0-7645-4912-X,
      %A Blair Rampling
      %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
      %D 2003
      %G 0-7645-4912-X
      %I John Wiley & Sons, Inc.
      %O U$49.99/C$74.99/UK#34.95 416-236-4433 fax: 416-236-4448
      %O http://www.amazon.com/exec/obidos/ASIN/076454912X/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/076454912X/robsladesin03-20
      %O Audience i Tech 1 Writing 1 (see revfaq.htm for explanation)
      %P 577 p.
      %T "Windows Server 2003 Security"

      Part one addresses security fundamentals. Chapter one looks at
      security threats, drawing a distinction between insider and outsider
      activities, and listing a few attack types. (Interestingly, the piece
      starts out with the statement that the job of the security
      administrator is to apply patches and to monitor for intrusions.) The
      network and system security overview, in chapter two, enumerates the
      security components, but provides very little in the way of
      explanation. Security architecture planning, in chapter three, seems
      to be restricted to standardization and documentation. Documentation
      is always good, but standardization may not be: it increases the risk
      of a universal failure. (We also get the usual advice to disable
      "unnecessary" services, without any discussion of "necessary.")
      Chapter four covers the installation of various auditing tools, but
      without any examination of analysis requirements. Various security
      related components of Windows 2003 are listed in chapter five.

      Part two contains an overview of system security. Chapter six deals
      with the installation of some of the services mentioned in five.
      Security applications, in chapter seven, provides installation
      instructions, but limited details for security features of the IIS
      (Internet Information Services) Web server, ftp server, SMTP mail, and

      Part three moves to authentication and encryption. Chapter eight
      gives an introduction to random topics in security, and then deals
      with installation of EFS (Encrypting File System) and PGP (Pretty Good
      Privacy). How to turn on SSL (Secure Sockets Layer) for IIS and SMTP
      Server is outlined in chapter nine. "Windows Server 2003
      Authentication" tells you how to initiate the use of smartcards and
      IIS certificates in chapter ten. Chapter eleven provides some setting
      information for Kerberos, but the fact that Rampling insists that
      Kerberos is based on asymmetric encryption makes the conceptual
      information rather suspect. Chapter twelve gives a terse overview of
      public key infrastructure. Screenshots of the dialogs for installing
      and configuring certificate services are in chapter thirteen. Chapter
      fourteen presents more pictures of starting Point-to-Point Tunnelling
      Protocol (PPTP) and Layer 2 Tunnelling Protocol (L2TP), but manages to
      leave the impression that these technologies give you encryption
      protection. IPSec, in chapter fifteen, gets more figures and little

      Part four looks at the Microsoft Internet Security and Acceleration
      (ISA) Server firewall. Chapter sixteen lists various firewall and
      cache functions. Installation, in chapter seventeen, is the usual
      series of screenshots. Caching is covered in eighteen.

      This is the usual "documentation replacement" type of text. In regard
      to security, it does bring together the major functions from Windows
      2003 into one volume, but provides no additional help (and numerous

      copyright Robert M. Slade, 2006 BKWS2K3S.RVW 20060815

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      That thought got run over as it was crossing my mind.
      Dictionary of Information Security www.syngress.com/catalog/?pid=4150
    Your message has been successfully submitted and would be delivered to recipients shortly.