The latest Windows security attack and defense strategies
"Securing Windows begins with reading this book." --James Costello (CISSP) IT Security Specialist, Honeywell
Meet the challenges of Windows security with the exclusive Hacking Exposed "attack-countermeasure" approach. Learn how real-world malicious hackers conduct reconnaissance of targets and then exploit common misconfigurations and software flaws on both clients and servers. See leading-edge exploitation techniques demonstrated, and learn how the latest countermeasures in Windows XP, Vista, and Server 2003/2008 can mitigate these attacks. Get practical advice based on the authors' and contributors' many years as security professionals hired to break into the world's largest IT infrastructures. Dramatically improve the security of Microsoft technology deployments of all sizes when you learn to:
Establish business relevance and context for security by highlighting real-world risks
Take a tour of the Windows security architecture from the hacker's perspective, exposing old and new vulnerabilities that can easily be avoided
Understand how hackers use reconnaissance techniques such as footprinting, scanning, banner grabbing, DNS queries, and Google searches to locate vulnerable Windows systems
Learn how information is extracted anonymously from Windows using simple NetBIOS, SMB, MSRPC, SNMP, and Active Directory enumeration techniques
Prevent the latest remote network exploits such as password grinding via WMI and Terminal Server, passive Kerberos logon sniffing, rogue server/man-in-the-middle attacks, and cracking vulnerable services
See up close how professional hackers reverse engineer and develop new Windows exploits
Identify and eliminate rootkits, malware, and stealth software
Fortify SQL Server against external and insider attacks
Harden your clients and users against the latest e-mail phishing, spyware, adware, and Internet Explorer threats
Deploy and configure the latest Windows security countermeasures, including BitLocker, Integrity Levels, User Account Control, the updated Windows Firewall, Group Policy, Vista Service Refactoring/Hardening, SafeSEH, GS, DEP, Patchguard, and Address Space Layout Randomization
Really Good This Book it's the one you should read If you want to learn how to protect against hackers methodologies out there, highly recommended.
Must have book! This is a must-have book for anyone who works with Windows clients or servers as a part of their job. It gives a lot of detail, both on what security issues Windows security administrators face, as well as guidance on how to mitigate risks regarding Windows security. The checklists in the back of the book alone are worth keeping as a baseline lockdown policy.
Not bad for the 3rd iteration Disclaimer: I received a review copy of HE:Windows.
The latest HE:Windows takes us toe to toe with Vista and Server 2008 and gives us a recap of some Win2k3 and Win2k knowledge. I was torn between whether to give this book three or four stars. I ended up giving it a four because it was well written, hit the majority objectives it laid out, and would be useful for someone that didn't have the two previous iterations, if you have the other two keep in mind there is a fair amount of content reuse and if you do this for a living, it may come up short of expectations.
The book covers a lot of ground but at the end I was left feeling like the authors were saying that if I was pentesting a Vista host or Server 2008 host/domain I should just call it quits. Going back and rereading a bit of the HE: Windows Server 2003 book I felt they said the same thing in that book as well. This obviously ended up being not the case, and I don't think will be the case with Vista and Server 2008 either. Its also not a viable option for any penetration tester.
Some examples of what I am talking about can be seen in Chapter 4 where the SMB enumeration examples only work against Windows 2000 and maybe Windows XP SP1. No mention of how to actually start pulling that information out from current environments. The Active Directory section reused the old content and made no discussion of any current tools or changes in 2003 environments and 2008 environments which have pretty much eliminated anonymous binds to extract information. Chapter 5, Hacking Windows Specific Services reused a lot of content which was disappointing, especially disappointing was the reuse of the smbrelay content, especially with tools that work much better like the smbrelay module in the metasploit framework.
The rootkit chapter is pretty good and talks about a rootkit I had never heard of (Unreal rootkit)..
Client side attacks has a decent update to it covering phishing, ActiveX, office and pdf exploits and a bit of cross site scripting, but refers you to the HE Web Applications book for more detail, which is fair.
Physical Attacks section is mostly the same with some updates on wireless, keyloggers and bootkits but mostly just overviews not followable steps.
Ch12 windows security features and tools is probably what pushed the book from a 3 to a 4. It covered bitlocker, Vista Windows integrity control, server hardening, stack protections, and others information.
Hacking Exposed Windows 3rd Edition This book is awesome! It covers everything including vista. I have many editions of hacking exposed and so far I am loving it!
Anything Goes Trivia
Megaton Man
Trevor
