Thor's Microsoft Security Bible - 1st Edition - ISBN: 9781597495721, 9781597495738

Thor's Microsoft Security Bible

1st Edition

A Collection of Practical Security Techniques

Authors: Timothy "Thor" Mullen
eBook ISBN: 9781597495738
Hardcover ISBN: 9781597495721
Imprint: Syngress
Published Date: 27th July 2011
Page Count: 336
Tax/VAT will be calculated at check-out
20% off
20% off
30% off
30% off
30% off
30% off
30% off
20% off
20% off
30% off
30% off
30% off
30% off
30% off
20% off
20% off
30% off
30% off
30% off
30% off
30% off
58.95
47.16
47.16
41.27
41.27
41.27
41.27
41.27
36.99
29.59
29.59
25.89
25.89
25.89
25.89
25.89
45.95
36.76
36.76
32.16
32.16
32.16
32.16
32.16
Unavailable
File Compatibility per Device

PDF, EPUB, VSB (Vital Source):
PC, Apple Mac, iPhone, iPad, Android mobile devices.

Mobi:
Amazon Kindle eReader.

Institutional Access

Secure Checkout

Personal information is secured with SSL technology.

Free Shipping

Free global shipping
No minimum order.

Description

Thor's Microsoft Security Bible provides a one-stop-shop for Microsoft-related security techniques and procedures as applied to the typical deployment of a Microsoft-based infrastructure. Written by world-renowned security expert Timothy Thor Mullen, the book presents a fascinating collection of practical and immediately implementable Microsoft security techniques, processes and methodologies uniquely illustrated through real-world process examples.

This book contains detailed security concepts and methodologies described at every level: Server, Client, Organizational Structure, Platform-specific security options, and application specific security (IIS, SQL, Active Directory, etc.). It also includes new, never-before-published security tools complete with source code; detailed technical information on security processes for all major Microsoft applications; unique project-based storytelling delivery, combining multiple security techniques and methods together for real-world solutions to security challenges in actual business use cases; reference-style content for access to specific application security techniques and methods; actual author opinion and guidance as not only HOW to go about security particular applications, but WHY to do so.

This book will be of interest to systems and network administrators, IT managers, security and network engineers, and database administrators.

Key Features

  • Named the 2011 Best Systems Administration Book by InfoSec Reviews
  • Detailed technical information on security processes for all major Microsoft applications
  • Unique project-based "storytelling" delivery, combining multiple security techniques and methods together for real-world solutions to security challenges in actual business use cases
  • Reference-style content for access to specific application security techniques and methods
  • Actual author opinion and guidance as not only HOW to go about security particular applications, but WHY to do so

Readership

Systems and Network Administrators, IT Managers, Security and Network Engineers, Database Administrators

Table of Contents

Chapter 1 Securely Writing Web Proxy Log Data to Structured Query Language (SQL) Server and Programmatically Monitoring Web Traffic Data in Order to Automatically Inject Allow/Deny Rules into Threat Management Gateway (TMG)

Introduction

Scope and Considerations

Implementation

Securely Logging Data to SQL

Designing the Workflow

Execution

Summary

Chapter 2 Internet Information Server (IIS) Authentication and Authorization Models, and Locking Down File Access with Encrypting File System (EFS) and Web Distributed Authoring and Versioning (Web DAV)

Introduction

RSA and AES

Building the Web Application Structure

MISSING TITLE

Security in Depth

Securing Access with WebDAV

Conclusion

Summary

Chapter 3 Analyzing and Blocking Malicious Traffic Based on Geolocation

Introduction

Research and Due Diligence

Implementing a Solution

Integrating with TMG

Summary

References

Chapter 4 Creating an Externally Accessible Authenticated Proxy in a Secure Manner

Introduction

Build It, and They Will Come

Summary

Chapter 5 The Creation and Maintenance of Low Privileged Service Users (with a focus on SQL)

Introduction

Creating and Configuring Service User Accounts

Real, Quantifiable Password Strength, and How to Measure It

Summary

References

Chapter 6 Remote Security Log Collection in a Least Privilege Environment

Introduction

Log Fetcher Architecture

Accessing WMI

Show Me The Code!

Summary

Chapter 7 Securing RDP

Introduction

General RDP Attacks and Mitigation

RDP Solutions Overview

Direct Access of Multiple RDP Hosts

RDG/TSG

RDP Host Security

RDWeb and RemoteApp

Workstation Host Considerations

Limiting Access with Source Port Access Rules

Summary

Appendix A List Of Acronyms

Appendix B Full list of Server 2008 logs via WEVTUTIL tool

 

 

 

 

 

 

 

Details

No. of pages:
336
Language:
English
Copyright:
© Syngress 2011
Published:
Imprint:
Syngress
eBook ISBN:
9781597495738
Hardcover ISBN:
9781597495721

About the Author

Timothy "Thor" Mullen

Timothy “Thor” Mullen is an independent programming consultant who, after 25 years of supporting Microsoft operating systems and programming languages, has completely abandoned all Microsoft technologies in favor of Apple OS X and open source systems such as Linux and BSD.

After years working for the software giant, Thor now condemns the company for their unethical practices and evangelizes for Apple OS X and open systems and has committed his research to the betterment of users by providing guidance for users to switch from their dependency upon Windows and enjoy the superior, secure, and feature-rich experience that is OS X.

Affiliations and Expertise

Independent programming consultant and author of Thor's Microsoft Security Bible

Awards

First - Best Systems Administration Books, 2011, InfoSec Reviews

Reviews

"Mullen presents realistic business scenarios with tips on products, tools, and methods to create an autonomous web traffic monitor, analyze and block traffic based on geolocation, set up a secure external web proxy, cover remote desktop protocol security, and create and maintain service users."--Reference and Research Book News, August 2013
"This book presents a fascinating collections of practical and immediately implementable Microsoft security techniques, processes, and methodologies uniquely illustrated through real-world process examples. The author enriches the reader with detailed technical information on security processes for all major Microsoft applications in simple readable form…Top security professionals as well as many younger aspirants in the security sector should find this book extremely informative and useful."--Security Management, December 2012, page 83
"I was looking for the standard security bible (change this setting or that setting), and I did ultimately get that. Thor’s chosen delivery method does walk through the changing of settings, but does it in such a subtle way as to not make the content boring. This is a book that when you begin, you think ‘huh?’ But once you complete it, you think ‘Ah ha!’ Generally, security bibles can be dull, but given the author’s humor, vast knowledge of securing Windows Server 2008, and his ability to explain the topics to even a novice, makes this work shine. Anyone working in a Windows Server environment is doing themselves a disservice by not reading this book. The included video content was refreshing, as the author continues his dialogue with you. He walks through setting up Chapter 1 and Chapter 7 on the fly, so any mistakes you will see. It was nice to hear his voice, since, if you’re like me, it makes it easier when reading. TMSB is a great book, and for all you Windows 2008 Server Administrators out there, I’d run, not walk, to get this book!"--
EthicalHacker.net
"This book is aimed at technical, security and non-security professionals alike, used to bolster their security knowledge and to allow them to harden services that are often reliant on general OS hardening and firewalls. The book offers detailed descriptions on how to provide secure infrastructure services, such as SQL, as a least- privileged account, and therefore offers system engineers a guide to bolstering their system’s security posture as much as is possible."--Best Systems Administration Book in InfoSecReviews Book Awards