CITATION

Scambray, Joel. Hacking Exposed Windows: Microsoft Windows Security Secrets and Solutions, Third Edition. US: McGraw-Hill Osborne Media, 2007.

Hacking Exposed Windows: Microsoft Windows Security Secrets and Solutions, Third Edition

Authors:

Published: December 2007

eISBN: 9780071596695 0071596690 | ISBN: 9780071494267

  • Contents
  • Foreword
  • Acknowledgments
  • Introduction
  • 1 Information Security Basics
  • A Framework for Operational Security
  • Plan
  • Prevent
  • Detect
  • Respond
  • Rinse and Repeat
  • Basic Security Principles
  • Summary
  • References and Further Reading
  • 2 The Windows Security Architecture from the Hacker’s Perspective
  • Overview
  • Attacking the Kernel
  • Attacking User Mode
  • Access Control Overview
  • Security Principals
  • SIDs
  • Users
  • Groups
  • Computers (Machine Accounts)
  • User Rights
  • Putting It All Together: Access Control
  • The Token
  • Network Authentication
  • The SAM and Active Directory
  • Forests, Trees, and Domains
  • Scope: Local, Global, and Universal
  • Trusts
  • Administrative Boundaries: Forest or Domain?
  • Auditing
  • Cryptography
  • The .NET Framework
  • Summary
  • References and Further Reading
  • 3 Footprinting and Scanning
  • Footprinting
  • Scanning
  • A Final Word on Footprinting and Scanning
  • Summary
  • References and Further Reading
  • 4 Enumeration
  • Prelude: Reviewing Scan Results
  • NetBIOS Names vs. IP Addresses
  • NetBIOS Name Service Enumeration
  • RPC Enumeration
  • SMB Enumeration
  • Windows DNS Enumeration
  • SNMP Enumeration
  • Active Directory Enumeration
  • All-in-One Enumeration Tools
  • Summary
  • References and Further Reading
  • 5 Hacking Windows-Specific Services
  • Guessing Passwords
  • Close Existing SMB Sessions to Target
  • Review Enumeration Results
  • Avoid Account Lockout
  • The Importance of Administrator and Service Accounts
  • Eavesdropping on Windows Authentication
  • Subverting Windows Authentication
  • Exploiting Windows-Specific Services
  • Summary
  • References and Further Reading
  • 6 Discovering and Exploiting Windows Vulnerabilities
  • Security Vulnerabilities
  • Finding Security Vulnerabilities
  • Prep Work
  • Exploiting ANI
  • Summary
  • References and Further Reading
  • 7 Post-Exploit Pillaging
  • Transferring Attacker’s Toolkit for Further Domination
  • Remote Interactive Control
  • Password Extraction
  • Introduction to Application Credential Usage and the DPAPI
  • Password Cracking
  • Cracking LM Hashes
  • Cracking NT Hashes
  • Rinse and Repeat
  • Summary
  • References and Further Reading
  • 8 Achieving Stealth and Maintaining Presence
  • The Rise of the Rootkit
  • Windows Rootkits
  • The Changing Threat Environment
  • Achieving Stealth: Modern Techniques
  • Windows Internals
  • DKOM
  • Shadow Walker
  • Antivirus Software vs. Rootkits
  • Windows Vista vs. Rootkits
  • Kernel Patch Protection (KPP): Patchguard
  • UAC: You’re About to Get 0wn3d, Cancel or Allow?
  • Secure Startup
  • Other Security Enhancements
  • Summary of Vista vs. Rootkits
  • Rootkit Detection Tools and Techniques
  • Rise of the Rootkit Detection Tool
  • Cross-View-Based Rootkit Detection
  • Ad Hoc Rootkit Detection Techniques
  • The Future of Rootkits
  • Are Rootkits Really Even Necessary?
  • Summary
  • References and Further Reading
  • 9 Hacking SQL Server
  • Case Study: Penetration of a SQL Server
  • SQL Server Security Concepts
  • Network Libraries
  • Security Modes
  • Logins
  • Users
  • Roles
  • Logging
  • SQL Server 2005 Changes
  • Hacking SQL Server
  • SQL Server Information Gathering
  • SQL Server Hacking Tools and Techniques
  • Critical Defensive Strategies
  • Additional SQL Server Security Best Practices
  • Summary
  • References and Further Reading
  • 10 Hacking Microsoft Client Apps
  • Exploits
  • Trickery
  • General Countermeasures
  • IE Security Zones
  • Low-privilege Browsing
  • Summary
  • References and Further Reading
  • 11 Physical Attacks
  • Offline Attacks
  • Implications for EFS
  • Online Attacks
  • Device/Media/Wireless Attacks
  • Summary
  • References and Further Reading
  • 12 Windows Security Features and Tools
  • BitLocker Drive Encryption
  • BitLocker Configurations
  • BitLocker with TPM
  • Windows Integrity Control
  • Managing Integrity Levels
  • User Account Control
  • Tokens and Processes
  • UnAdmin
  • Windows Service Hardening
  • Service Resource Isolation
  • Least Privilege Services
  • Service Refactoring
  • Restricted Network Access
  • Session 0 Isolation
  • Your Compiler Can Save You
  • An Overview of Overflows
  • GS Cookies
  • SafeSEH
  • Stack Changes
  • Address Space Layout Randomization
  • Windows Resource Protection
  • Summary
  • References and Further Reading
  • A: Windows Security Checklist
  • Caveat Emptor: Roles and Responsibilities
  • Preinstallation Considerations
  • Basic Windows Hardening
  • Non-Template Recommendations
  • Security Templates Recommendations
  • Windows Firewall and IPSec
  • Group Policy
  • Miscellaneous Configurations
  • Web Application Security Considerations
  • SQL Server Security Considerations
  • Terminal Server Security Considerations
  • Denial of Service Considerations
  • Internet Client Security
  • Audit Yourself!
  • B: About the Companion Website
  • Index