Windows Server 2003 (Hacking Exposed) - Softcover

About the Authors

Joel Scambray is Chief Strategy Officer for Leviathan Security Group, an information security consultancy located in Seattle and Denver. As a member of Leviathan’s board and executive management team, Joel guides the evolution and execution of Leviathan’s business and technical strategy. Prior to Leviathan, Joel was a Senior Director at Microsoft Corporation, where he led Microsoft's online services security efforts for three years before joining the Windows platform and services division to focus on security technology architecture. Before joining Microsoft, Joel co-founded security software and services startup Foundstone Inc. and helped lead it to acquisition by McAfee for $86M. He previously held positions as a Manager for Ernst & Young, security columnist for Microsoft TechNet, Editor at Large for InfoWorld Magazine, and Director of IT for a major commercial real estate firm. Joel is widely recognized as co-author of the original Hacking Exposed: Network Security Secrets & Solutions, the international best-selling computer security book that reached its Fifth Edition in April 2005. He is also lead author of the Hacking Exposed: Windows and Hacking Exposed: Web Applications series. Joel's writing draws primarily on his experiences in security technology development, IT operations security, and consulting. He has worked with organizations ranging in size from world’s largest enterprises to small startups. He has spoken widely on information security at forums including Black Hat, I-4, and The Asia Europe Meeting (ASEM), as well as organizations including CERT, The Computer Security Institute (CSI), ISSA, ISACA, SANS, private corporations, and government agencies such as the Korean Information Security Agency (KISA), FBI, and the RCMP. Joel holds a BS from the University of California at Davis, a MA from UCLA, and he is a Certified Information Systems Security Professional (CISSP).

Stuart McClure is the co-author of all four editions of Hacking Exposed as well as Hacking Exposed Windows 2000. Stuart co-authored "Security Watch," a weekly column in InfoWorld addressing topical security issues, exploits, and vulnerabilities. He is the President/CTO of Foundstone, Inc. Prior to co-founding Foundstone, Stuart was a Senior Manager with Ernst & Young's Security Profiling Services Group, responsible for project management, attack and penetration reviews, and technology evaluations. Stuart trains Foundstone's Ultimate Hacking course, and Hacking Exposed Live for conferences such as Networld + InterOp, Black Hat, RSA, CSI, among others.

From the Back Cover

"The end-all of hacking.... A must-read if you want to secure your networks." --W2Knews

Plug the holes in your Windows infrastructure by seeing it through the eyes of the attacker

Protect your Windows Server 2003 systems from the latest widespread and devastating attacks the tried-and-true Hacking Exposed way. You'll learn, step-by-step, how intruders locate targets, gain super-user access, and ransack compromised networks. Fully updated chapters detail all-new Windows Server 2003 footprinting and scanning methods, IIS6 security flaws, buffer overflow exploits, Terminal Services hacks, and DoS/DDoS vulnerabilities. Real-world cases and code examples demonstrate the most current dangers and spell out countermeasures to stonewall malicious intruders every time.

New and Updated Material:

• All-new Windows footprinting and scanning tools and techniques
• NetBIOS, MSRPC, SMB, DNS, SNMP, and Active Directory enumeration protection
• Updated exploits of Windows-specific services, including the MSRPC interface vulnerability that led to the Blaster worm, SQL Slammer, and eavesdropping attacks on Kerberos
• Details on the new IIS6 security architecture, URLScan, Microsoft Web services source code disclosure exploits, and HTR chunked encoding exploits
• All-new Terminal Services information including new password guessing, privilege escalation, and eavesdropping countermeasures
• New client-side exploits using popular multimedia file formats, and strong new countermeasures using Internet Explorer Enhanced Security Configuration
• The latest countermeasures for Denial of Service (DoS) attacks including bogon filtering and sink holes
• New security features such as Internet Connection Firewall, software restriction policies, and updates to IPSec

About the Authors:

Joel Scambray is Senior Director of Security for Microsoft's MSN and Stuart McClure is President/CTO of Foundstone, Inc., an enterprise security products company. They are co-authors of four editions of Hacking Exposed as well as Hacking Exposed Windows 2000.