Re: best current comprehensive security book for Windows 2000/XP

From: byrne (m47e191yq20o3h@directvinternet.com)
Date: 06/15/02


From: "byrne" <m47e191yq20o3h@directvinternet.com>
Date: Sat, 15 Jun 2002 09:24:31 -0700


Thanks for the info.

I'll be picking up Hacking Exposed Vol. 3 and have been
reading papers and reports at http://rr.sans.org and
http://securityfocus.com after having gone through
Microsoft's step by step guides, tools, and advice for
securing a Windows 2000 Pro workstation.

My interest was piqued when a non-essential system was
hacked at work this past week and it consumed much of my
time since Monday; reformatting, reinstalling, patching,
configuring, etc. in an unmanaged environment where system
administration isn't my primary function.

Our initial thinking pre-hack was since the system was non-
essential and we wanted to deploy several features we
knew, in combination, to be risky at best; if we got
hacked - no big deal... and the hack looked harmless at
first, (tagging up our ftp folders but leaving all of our
files intact) but the hacker also penetrated another
system on the same subnet, this one an un-used machine
running Win98 to the point that on first re-boot the
system wouldn't start and the BIOS reported varying sizes
and symbolic labels for the boot drive from 2MB to 400GB
which had me second guessing all systems on the LAN so I'm
giving each system my attention - progressively increasing
my time away from primary duties. We didn't lose any data
but paranoia's set in and my time investment has been well
beyond normal working hours - getting up to date on known
issues and vulnerabilities with not much background in
this arena...

What I need is better than par baseline security policies,
and a means to identify attempts at access early on -
something that notifies me in real time while I'm working
at my real job.

I hope to become better armed and aware to the extent that
I can, within the next week, competently implement the
proper strategy and employ lasting best practice tactics
that keep the script kiddies at bay at least 90% of the
time...

Thanks again for the input.

-byrne

>-----Original Message-----
>I haven't read all the books out there, but for introductions I like the
>foundstone / osborne books. Hacking Exposed vol 3 read first for hacks and
>mitigation, Incident Response next for forensics and detection/response, and
>maybe Hacker's Challenge for some light reading and to test your intrusion
>detection skills against real-world examples. I think the intrusion
>detection books by Northcutt are recommended for information about IDS,
>though it's more specialized where you seem to want general overviews, also
>one of the books is being updated to vol 3 in two months. If you want the
>newest possible reading, you may want to follow up your book reading with
>web page reading, such as the reading room at sans.org, or various sites
>that post analyses of daily sniffer / IDS logs [try maybe incidents.org or
>dshield.org].
>
>"byrne" <m47e191yq20o3h@directvinternet.com> wrote in message
>news:f0c901c21421$09082440$3bef2ecf@TKMSFTNGXA10...
>> Looking for the best, straightforward resource available
>> for someone interested in learning more about real-world
>> threat assessment, step by step best practice system
>> security configurations, practical defensive strategies /
>> decoy deployment, system and network integrity monitoring
>> and reporting, intrusion detection and isolation,
>> intrusion response strategies, intruder discovery /
>> back-tracing / legal countermeasures, forensic evidence
>> required for prosecution / law and liability, and recovery
>> from system / network compromise...
>>
>> My first review of available publications turned up
>> Hacking Exposed, Third Edition as a possible first buy but
>> it went to print last year...
>>
>> Any thoughts on a better option with focus to global
>> threat analysis & prevention?