Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
4Activity
0 of .
Results for:
No results containing your search query
P. 1
Security Enhacncement

Security Enhacncement

Ratings: (0)|Views: 84|Likes:
Published by vishal3479

More info:

Published by: vishal3479 on Dec 05, 2009
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

07/19/2010

pdf

text

original

 
vi
Contents
 
81
Chapter 5:
Windows Server 2003Security Enhancements
In Chapter 4, I considered what happens when you merge two environments, including how tocreate secure forest trusts and deploy new Windows Server 2003 (Windows 2003) DNS features tomake a merged environment workable. Although I discussed some security concerns – particularly,how to keep all but those you choose from accessing the resources you need to protect – Windows2003 brings much more to the table for your protection effort.In this chapter, I cover some of the new security enhancements that you can use to ensure amore secure environment day to day. I review improvements in securing file shares and in ACL viewing and editing for better control of file permissions. I discuss the InetOrgPerson object and theease of new schema modification functions that can help you take better advantage of AD. I alsoinclude a tip or two about how to shore up different parts of your Active Directory (AD) to makethem a bit more secure.
Securing the Wire
Microsoft has a history of being burned by the vulnerability of its internetworking protocols. Theprotocol tradeoff is easy to understand: If you make protocols fast, light, and only cursorily secure,they’re speedier on the wire – and you can deploy them more quickly and widely. However,unsecure protocols on your network can compromise your company’s resources. With that in mind, Windows 2003 introduces both new restrictions and new options for somefamiliar scenarios. The changes in Windows 2003 means that you must better understand availablesecurity functions such as Server Message Block (SMB) signing, secure channel signing, LightweightDirectory Access Protocol (LDAP) signing, and password authentication methods.
Shoring Up with SMB Signing 
Not all users can drop their deployed desktops and switch to Windows XP Professional or Windows2000 Professional. Legacy (aka “downlevel”) clients are all too familiar to IT staff. In fact, some orga-nizations include clients that have not only different Windows OSs but also different service packsapplied, which can make it especially difficult to ensure a baseline of protection across the network. Wherever it can, Windows 2003 endeavors to make things more secure than its predecessor. One way in which it attempts greater security is by using SMB connections. The SMB protocol comes intoplay when clients connect to shares. When you performed your first Dcpromo to Windows 2003, yousaw the Active Directory Installation Wizard screen that Figure 5.1 shows.
Brought to you by
NetIQ
and
Windows & .NET Magazine 
eBooks

Activity (4)

You've already reviewed this. Edit your review.
1 hundred reads
ahiren3 liked this
anilkrs liked this
tob_yanasorn liked this

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->