[ISN] REVIEW: "PCWeek Microsoft Windows NT Security"

From: mea culpa (jerichot_private)
Date: Thu Jul 09 1998 - 23:47:28 PDT

  • Next message: mea culpa: "[ISN] Encryption Software Not Protected"

    Forward From: "Rob Slade" <rsladet_private>
    BKPWNTSG.RVW   980514
    "PCWeek Microsoft Windows NT Security", Nevin Lambert/Manish Patel,
    1997, 1-56276-457-8, U$39.99/C$56.95/UK#36.99
    %A   Nevin Lambert nevinlt_private
    %A   Manish Patel manishpt_private
    %C   201 W. 103rd Street, Indianapolis, IN   46290
    %D   1997
    %G   1-56276-457-8
    %I   Macmillan Computer Publishing (MCP)
    %O   U$39.99/C$56.95/UK#36.99 800-858-7674 http://www.mcp.com
    %P   388 p.
    %T   "PCWeek Microsoft Windows NT Security: Security Administrator's
    I always get a bit worried at a book written by two cofounders of a
    consulting startup related to the topic of the book.  My alarm level
    rises when the sarcasm starts right away in the acknowledgements.  I
    am not comforted by the fact that the authors are enthralled by the
    glories of Microsoft.
    Chapter one, however, is a very reasonable look at the different
    levels of security that a situation may demand.  Physical security,
    warnings, accounts, and backups are part of the picture that is
    presented.  Some of the advice is questionable (the use of NTFS
    sometimes involves a tradeoff between access control and recovery) but
    the overall scenario has good range and scope.  The system history
    given in chapter two is rather biased in favour of Microsoft and its
    products, but the system overview is useful background.  Account and
    group concepts and maintenance are covered well in chapter three.  The
    discussion of filesystems in chapter four still hews closely to the
    Microsoft party line, but it does provide information that can be very
    helpful for decisions regarding reliability.  In the Trusted Computer
    System Evaluation Criteria (Orange Book) the term "Trusted Path"
    refers to at least B2 level systems, which NT cannot approach. 
    However, in the review of the NT security subsystem in chapter five,
    the authors do a credible job of justifying the use of the phrase
    through the level of detail they provide of the logon process, as well
    as other operations.  Chapter six looks at access to local resources
    and gives significant detail and information in such areas as well
    known SIDs (Security IDs).  However, as is too often the case, the
    book fails to furnish a clear explanation of assessment of effective
    rights to an object.
    The review of basic networking concepts takes up about half of chapter
    seven, with the remainder looking at shares and network security
    provisions.  RAS (Remote Access Service) and the related encryption
    schemes are discussed in chapter eight, but the lack of details of the
    encryption process make it difficult to assess levels of security and
    operational needs.  Coverage of printer management in chapter nine is
    good, but the implications of options such as spooling and redirection
    are not completely addressed.  Chapter ten deals with a number of
    Registry related topics, including editing, Registry tools, backup,
    and security related keys.
    Chapter eleven provides a thorough and helpful explanation of
    profiles, although, again, extra material on the security implications
    of specific choices could be more helpful.  The ramifications of
    auditing could be discussed forever, of course, but I would have to
    say that chapter twelve's coverage is quite appropriate for the target
    audience level of the book.  Internet security could (and does) fill
    other books, so it is acceptable that only concepts and warnings are
    raised in chapter thirteen.  Chapter fourteen reviews security aspects
    of BackOffice but only in a brief and limited manner.
    Chapter fifteen provides information on NT's use of cryptography, but
    this data is not very helpful since it is not backed up with
    conceptual material on cryptographic strengths and key management. 
    Enterprise policies are reviewed quickly in chapter sixteen.  Chapter
    seventeen looks to the future delivery of Distributed Security
    Services (DSS). The security references and resources listed in the
    appendices are not extensive, but they are of reasonably good quality.
    The book has both a readable style and useful information. The lack of
    formal security concepts means that there are gaps in coverage, but
    overall this work can provide both new users and non-specialist
    administrators with a measure of protection that would reduce
    vulnerability considerably.  Security specialists who are not familiar
    with Windows NT would likely find the most benefit from using the text
    as a tutorial, since they would be able to fill in the blanks from
    their own conceptual background.
    copyright Robert M. Slade, 1998   BKPWNTSG.RVW   980514
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:58:26 PDT