- AusCERT 2013: Introduction to Network Security Monitoring with Security Onion - AusCERT Presentation
- Auscert 2013: Perimeter protection has failed, encryption needs its day in the sun
- Researchers find more versions of digitally signed Mac OS X spyware
- AusCERT 2013: Low-level analysis can find, map data deleted from Android phones
- Cybercrime Survey: Almost half of small business victims
Administering Windows Vista Security: The Big Surprises
Get an early start on Windows Vista security and the technology shifts you'll need to know as a systems administrator. From leading Windows expert Mark Minasi comes this "just-in-time" book to get you there. This targeted, hands-on guide takes a rapid-fire approach to the biggest security changes and how they'll affect business as usual for those who must integrate and provide technical support for Windows Vista. You'll find practical instruction, tips, workarounds, and much more.
* Work through a slew of Vista surprises, such as logging on as Administrator and how to re-enable Run
* Discover how virtualization works--and where it doesn't
* Find out why you can no longer delete files in System32, even though you are an Administrator
* Get familiar with new post-boot security features such as PatchGuard
* Protect laptops to the max with the innovative BitLocker feature
* Meet the new Windows Integrity mechanism
* Explore the revamped Event Viewer, event forwarding, and new troubleshooting tools
Go above and beyond what you've heard about Vista
Discover the changes to Share and Registry Access
Catch up on all the encryption news and services
Try out Vista Remote Desktop with its enhanced security
About the Series
The Mark Minasi Windows Administrator Library equips system administrators with in-depth technical solutions to the many challenges associated with administering Windows in an enterprise setting. Series editor Mark Minasi, a leading Windows expert, not only selects the topics and authors, he also develops each book to meet the specific needs and goals of systems administrators, MIS professionals, help-desk personnel, and corporate programmers.
Byron Hynes works in the Windows Server User Assistance group at Microsoft. He has prior experience running a regional Internet backbone, troubleshooting client-server and Web-enabled applications, and designing network infrastructures and security models. Byron co-authored Hands-On Microsoft Windows Server 2003 Active Directory.
Table of Contents
Chapter 1 Administering Vista Security: The Little Surprises.
Restoring the Administrator.
Making Your Own Administrator.
Activating the Administrator Account.
Power Users Are Essentially Gone.
“Run…” Is Off the Start Menu.
BOOT.INI Is Gone, BCD Is Here.
Creating a Second OS Entry.
Understanding Vista Boot Manager Identifiers.
Choosing Timeout and Default OS with bcdedit.
Changing an Entry Option.
Cleaning Up: Deleting OS Entries.
“Documents and Settings” Is Gone, Kind Of.
IPv6 and Network Properties.
Remote Desktop Gets a Bit More Secure.
NTFS and the Registry Are Transaction Based.
Undelete Comes to Windows for Real!
Changes in Security Options.
Changes to Named Pipe Access.
Changes to Share and Registry Access.
LM Deemphasized, NTLMv2 Emphasized.
No More Unsigned Driver Warnings.
Vista Includes New Cryptographic Services.
You Can Encrypt Your Pagefile.
Offline Files Folders Are Encrypted per User.
New Event Viewer.
XML Format Comes to Event Viewer.
Custom Queries Lets You Customize Event Viewer.
Generating Actions from Events.
Telling the Event Log Service to Display Messages.
Forwarding Events from One Computer to Another.
Creating an Example Subscription.
Troubleshooting Subscription Delays.
Event Forwarding in Workgroups.
Chapter 2 Understanding User Account Control (UAC): “Are You Sure, Mr. Administrator?”
Why UAC Is Good, after All.
UAC Benefits for Users.
UAC Benefits for Admins.
UAC as a Transition Tool.
An Overview of UAC.
Digging Deeper into UAC.
How Windows Creates the Standard User Token.
How to Tell UAC to Use the Administrator Token.
What Tells Windows to Use the Administrator Token.
Reconfiguring User Account Control.
Turning UAC On, Off, or in Overdrive.
Configuring UAC Junior: UAC for the User.
Side Point: How “Administrator-ish” Must You Be to Get UACed?
Excluding the Built-in Administrator.
Telling UAC to Skip the Heuristics.
Controlling Secure Desktop.
Sign or Go Home: Requiring Signed Applications.
Working around Apps That Store Data in the Wrong Places.
The Big Switch: Turning Off UAC Altogether.
Will UAC Succeed?
Chapter 3 Help for Those Lame Apps: File and Registry Virtualization.
File and Registry Virtualization Basics.
Seeing File Virtualization in Action.
File and Registry Virtualization Considerations.
Which Areas Are Protected and Where They Are Virtualized.
How Virtualization Handles Files.
How Virtualization Handles the Registry.
What Does “Legacy” Mean, Exactly?
Seeing Virtualization in Standard Versus Administrative Users.
A Possible Virtualization Problem.
The Future of Virtualization.
4 Understanding Windows Integrity Control.
Windows Integrity Control Overview.
Mandatory Controls Versus Discretionary Controls.
The Orange Book.
C2 Certification and NT.
C and B: Discretionary Versus Mandatory.
WIC’s Six Integrity Levels.
How Objects Get and Store Integrity Levels: Mandatory Labels.
Process Integrity Levels.
Seeing Processes in Action.
Example: Starting a Low Integrity Application.
Internet Explorer Protected Mode and WIC.
A Prime Directive Puzzle: WIC and Deletes.
Using WIC ACEs to Restrict Access.
Things WIC ACEs Can’t Do.
You Cannot Apply Mandatory Labels with Group Policy.
You Cannot Create Standard Permissions That Name Mandatory Labels.
A Note on Modifying System Files.
Dialing Up Custom Labels.
Meet SDDL Strings.
Understanding the Secret Language of Bs: SDDL Label Syntax.
Using SDDL Strings to Set Integrity Levels.
Chapter 5 BitLocker: Solving the Laptop Security Problem.
The Laptop Security Problem Today.
BitLocker Drive Encryption—The Overview.
What Is a TPM?
Full Disk Encryption.
Authentication or Access Control.
Increasing Security with Additional Key Protectors.
Boot Process Validation (Integrity Check).
Enabling BitLocker for the First Time.
Using BitLocker without a TPM.
Summary of Key Protectors.
Recovery Example 1: Desktop Hardware Failure (Stand-alone System without a TPM).
Recovery Example 2: Laptop Hardware Failure (TPM-based).
Recovery Example 3: Lost USB Key (Computer with a TPM).
Recovery Example 4: “Found” Laptop.
BitLocker and Active Directory.
Group Policy Options.
Managing the TPM and BitLocker in the Enterprise.
Servicing a BitLocker-Protected Computer.
Planning for BitLocker Deployment.
Chapter 6 Post-Boot Protection: Code Integrity, New Code Signing Rules, and PatchGuard.
Address Space Layout Randomization.
Giving 64-bit More Armor.
What Can Go Wrong?
New Code Signing Rules.
What Is Code Signing and Why Does It Matter?
Protected Media Path Requirements.
Getting Down to Business: Code Signing an Application or Driver.
Getting Down to Business: Deploying an Application or Driver Signed by a Publisher.
Chapter 7 How Vista Secures Services.
Services in Brief.
Service Control Manager.
How Vista Toughens Services: Overview.
Reducing Service Privileges.
Developers Can Reduce Service Privileges.
Admins Can Also Reduce Service Privileges.
Special Case: Multiple Services Needing Different Privileges.
Reduced Privilege Summary.
How Service Isolation Works.
Restricting a Service’s SID.
Granting Write Permissions to a Service SID.
Understanding the sc.exe.
Restricted SID Commands.
Restricting a Service’s Network Ports.
There is a definite need for better data protection solutions in today’s enterprise data centres. The question is whether to continue with software-only backup and recovery solutions, or to make the move to a purpose-built backup appliance with de-duplication capabilities. This paper discusses the trends that have made modernising backup and recovery an urgent priority. Click to download.
HandBrake is an opensource tool that allows you to backup your DVDs so that you can store and watch them on your computer. Features include: ...
Allianz Shared Infrastructure Services SE (ASIC) wanted to replace its current suite of management tools, some of which had been developed in-house, with a standard solution for the management of 600 network components in its data centre, in order to reduce costs and further improve quality. Find out what approach they took download today.
- FTTechnical Consulting ManagerNSW
- FTJob Title: Mac Systems/ Enterprise Systems EngineerNZ
- FTTest Analyst (MS Environment) .netNSW
- FTTest Analyst (MS Environment) .netNSW
- FTTest EngineerVIC
- FTSenior Python DeveloperNSW
- FTWeb Analyst - WebTrendsVIC
- FTQuality ManagerSA
- FTFlash / ActionScript Developer - ContractNSW
- FTLead Software EngineerSA
- FTR&D EngineerSA
- FTOS Web Applications DeveloperNSW
- FT.NET - Sitecore Developer - Melbourne - PermNSW
- Lack of information, skills hinder finance-business partnering: Deloitte
- Rapid-growing mobile payments market is driving a financial fraud marketplace
- HP profit falls 32 per cent as PC and server sales decline
- Google launching new fund for later-stage tech investments
- Apple defends offshore decisions that result in low taxes