Cover image for Securing Windows NT/2000 servers for the internet
Securing Windows NT/2000 servers for the internet
Norberg, Stefan.
Personal Author:
Publication Information:
Sebastopol, CA : O'Reilly, [2001]

Physical Description:
xiv, 199 pages : illustrations ; 24 cm
Format :


Call Number
Material Type
Home Location
Item Holds
QA76.76.O63 N65 2001 Adult Non-Fiction Central Closed Stacks

On Order



In recent years, Windows NT and Windows 2000 systems have emerged as viable platforms for Internet servers. More and more organizations are now entrusting the full spectrum of business activities--including e-commerce--to Windows.Unfortunately, the typical Windows NT/2000 installation makes a Windows server an easy target for attacks, and configuring Windows for secure Internet use is a complex task. Securing Windows NT/2000 Servers for the Internet suggests a two-part strategy to accomplish the task:

"Hardening" any Windows server that could potentially be exposed to attacks from the Internet, so the exposed system (known as a "bastion host") is as secure as it can be. Providing extra security protection for exposed systems by installing an additional network (known as a "perimeter network") that separates the Internet from an organization's internal networks. Securing Windows NT/2000 Servers for the Internet is a concise guide that pares down installation and configuration instructions into a series of checklists aimed at Windows administrators. Topics include: Introduction--Windows NT/2000 security threats, architecture of the Windows NT/2000 operating system and typical perimeter networks. How to build a Windows NT bastion host. Configuring Windows and network services, encrypting the password database, editing the registry, setting system policy characteristics, performing TCP/IP configuration, configuring administrative tools, and setting necessary permissions. Differences between Windows NT and Windows 2000 security including IPSec (IP Security Protocol) configuration. Secure remote administration--SSH, OpenSSH, TCP Wrappers, the Virtual Network Console, and the new Windows 2000 Terminal Services. Windows NT/2000 backup, recovery, auditing, and monitoring--event logs, the audit policy, time synchronization with NTP (Network Time Protocol), remote logging, integrity checking, and intrusion detection. Administrators who carefully follow the detailed instructions provided in this book will dramatically increase the security of their Windows NT/2000 Internet servers.

Author Notes

Stefan Norberg is an independent network security consultant based in Stockholm, Sweden. Before becoming an independent contractor, he worked for Hewlett-Packard Consulting, where he built everything from large firewalls to highly available Unix clusters. During the last couple of years, he has spent most of his time designing and implementing Internet firewalls using building blocks like Cisco IOS, HP-UX, Linux, and Windows NT/2000. Every now and then, he enjoys teaching Windows NT/2000 classes. Stefan is an MCSE+Internet and Microsoft Certified Trainer. When he finds spare time, Stefan enjoys spending it with his wife Marianne and daughter Matilda.

Table of Contents

Prefacep. ix
1. Windows NT/2000 Securityp. 1
Internet Threatsp. 2
Building a Secure Site on the Internetp. 4
The Windows NT/2000 Architecturesp. 16
Windows NT/2000 in the Perimeter Networkp. 23
Cryptography Basicsp. 28
2. Building a Windows NT Bastion Hostp. 32
Installationp. 33
Using the Security Configuration Editorp. 36
Basic Configurationp. 38
Advanced Configurationp. 47
Setting System Policiesp. 57
TCP/IP Configurationp. 64
Configuring Administrative Tools and Utilitiesp. 76
Setting Permissionsp. 77
3. Building a Windows 2000 Bastion Hostp. 80
Differences Between the Systemsp. 80
IPSec in Windows 2000p. 87
4. Setting Up Secure Remote Administrationp. 102
Symantec pcAnywherep. 103
Windows 2000 Terminal Servicesp. 110
Open Source (SSH, Cygwin, TCP Wrappers, and VNC)p. 116
5. Backing Up and Restoring Your Bastion Hostp. 136
Defining Your Backup Policyp. 136
Backup Methodsp. 137
Types of Backupsp. 139
Backup Softwarep. 141
6. Auditing and Monitoring Your Perimeter Networkp. 145
System Auditing in Windowsp. 145
Time Synchronization Using NTPp. 153
Remote Logging and Log Managementp. 160
Integrity Checkingp. 163
Network-Based Intrusion Detection Systemsp. 166
7. Maintaining Your Perimeter Networkp. 169
Setting Up Policies and Proceduresp. 169
Performing Third-Party Auditsp. 170
Staying Informedp. 173
A. Well-Known Ports Used by Windows NT/2000p. 177
B. Security-Related Knowledge Base Articlesp. 180
C. Build Instructions for OpenSSH on Cygwinp. 182
Indexp. 185