Thor's Microsoft Security Bible


A Collection of Practical Security Techniques

1st Edition - July 16, 2011


  • Author: Timothy Mullen
  • eBook ISBN: 9781597495738
  • Hardcover ISBN: 9781597495721


Description

Thor's Microsoft Security Bible provides a one-stop shop for Microsoft-related security techniques and procedures as applied to the typical deployment of a Microsoft-based infrastructure. Written by world-renowned security expert Timothy "Thor" Mullen, the book presents a fascinating collection of practical and immediately implementable Microsoft security techniques, processes and methodologies, uniquely illustrated through real-world process examples. It contains detailed security concepts and methodologies described at every level: Server, Client, Organizational Structure, platform-specific security options, and application-specific security (IIS, SQL, Active Directory, etc.). It also includes new, never-before-published security tools complete with source code; detailed technical information on security processes for all major Microsoft applications; unique project-based storytelling delivery, combining multiple security techniques and methods for real-world solutions to security challenges in actual business use cases; reference-style content for access to specific application security techniques and methods; and the author's own opinion and guidance on not only HOW to go about securing particular applications, but WHY to do so. This book will be of interest to systems and network administrators, IT managers, security and network engineers, and database administrators.

Key Features

  • Named the 2011 Best Systems Administration Book by InfoSec Reviews
  • Detailed technical information on security processes for all major Microsoft applications
  • Unique project-based "storytelling" delivery, combining multiple security techniques and methods together for real-world solutions to security challenges in actual business use cases
  • Reference-style content for access to specific application security techniques and methods
  • Actual author opinion and guidance on not only HOW to go about securing particular applications, but WHY to do so

Readership

Systems and Network Administrators, IT Managers, Security and Network Engineers, Database Administrators

Table of Contents

  • Chapter 1 Securely Writing Web Proxy Log Data to Structured Query Language (SQL) Server and Programmatically Monitoring Web Traffic Data in Order to Automatically Inject Allow/Deny Rules into Threat Management Gateway (TMG)
      Introduction
      Scope and Considerations
      Implementation
      Securely Logging Data to SQL
      Designing the Workflow
      Execution
      Summary

  • Chapter 2 Internet Information Server (IIS) Authentication and Authorization Models, and Locking Down File Access with Encrypting File System (EFS) and Web Distributed Authoring and Versioning (Web DAV)
      Introduction
      RSA and AES
      Building the Web Application Structure
      MISSING TITLE
      Security in Depth
      Securing Access with WebDAV
      Conclusion
      Summary

  • Chapter 3 Analyzing and Blocking Malicious Traffic Based on Geolocation
      Introduction
      Research and Due Diligence
      Implementing a Solution
      Integrating with TMG
      Summary
      References

  • Chapter 4 Creating an Externally Accessible Authenticated Proxy in a Secure Manner
      Introduction
      Build It, and They Will Come
      Summary

  • Chapter 5 The Creation and Maintenance of Low Privileged Service Users (with a focus on SQL)
      Introduction
      Creating and Configuring Service User Accounts
      Real, Quantifiable Password Strength, and How to Measure It
      Summary
      References

  • Chapter 6 Remote Security Log Collection in a Least Privilege Environment
      Introduction
      Log Fetcher Architecture
      Accessing WMI
      Show Me The Code!
      Summary

  • Chapter 7 Securing RDP
      Introduction
      General RDP Attacks and Mitigation
      RDP Solutions Overview
      Direct Access of Multiple RDP Hosts
      RDG/TSG
      RDP Host Security
      RDWeb and RemoteApp
      Workstation Host Considerations
      Limiting Access with Source Port Access Rules
      Summary

  • Appendix A List Of Acronyms

  • Appendix B Full list of Server 2008 logs via WEVTUTIL tool

Product details

  • No. of pages: 336
  • Language: English
  • Copyright: © Syngress 2011
  • Published: July 16, 2011
  • Imprint: Syngress
  • eBook ISBN: 9781597495738
  • Hardcover ISBN: 9781597495721

About the Author

Timothy Mullen

Timothy “Thor” Mullen is an independent programming consultant who, after 25 years of supporting Microsoft operating systems and programming languages, has completely abandoned all Microsoft technologies in favor of Apple OS X and open source systems such as Linux and BSD.

After years working for the software giant, Thor now condemns the company for its unethical practices and evangelizes for Apple OS X and open systems. He has committed his research to the betterment of users by providing guidance for users to switch from their dependency upon Windows and enjoy the superior, secure, and feature-rich experience that is OS X.

Affiliations and Expertise

Independent programming consultant and author of Thor's Microsoft Security Bible
